[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: OASIS - Catalog Threat ?
/ "Mary McRae" <mary.mcrae@oasis-open.org> was heard to say:
| Hi Lauren,
|
| This email was sent to communications (Carol Geyer).
|
| Regards,
|
| Mary
|
|>
|> -----Original Message-----
|> From: Steven J. Hathaway [mailto:shathawa@e-z.net]
|> Sent: Sunday, February 04, 2007 12:28 PM
|> To: communications@oasis-open.org
|> Subject: OASIS - Catalog Threat ?
|>
|> I recommend that (Sec: 4.1.1) of the OASIS entity resolver
|> catalog specification be revised to help avoid the
|> development of products that have misleading identifier trust.
|>
|> OASIS is a general entity resolver and catalog. It can now
|> be used with XML. The specification document (Sec: 4.1.1)
|> describing the 'prefer' attribute may harbor a security
|> threat related to identifier trust.
|>
|> Normally, the Public identifiers have global scope, and
|> therefore a high probability of trust. The System
|> identifiers normally have a restricted scope - that of a
|> specific system - and therefore do not have the global trust.
|>
|> When a document is passed between systems, it is undefined
|> what the scope of System identifier implies. Herein lies an
|> OASIS catalog threat. A document may have both Public and
|> System identifiers proclaiming to be associated with the
|> Public resource. Since the document could be received from a
|> foreign system, the Public and System identifiers may no
|> longer define the same resource. The System identifiers in
|> messages received from foreign systems should have a lower
|> threshold of trust than Public identifiers.
|>
|> The 'prefer' attribute is often set to 'public' for a catalog
|> or group. And if both a Public and System identifier for the
|> resource reside in the catalog, the System replacement text
|> is used. Most developers would imply that the Public
|> replacement text should be used (See Section 4.1.1. table).
|>
|> The 'prefer' attribute should be set to 'system' to handle
|> those documents that are only generated and consumed by the
|> same system.
I'm not sure I understand the comment. Users are free to set the
prefer attribute to system if they wish.
The catalog standard does not specify a default value for the prefer
attribute and mandates that tools provide a way for the user to
specify it.
Be seeing you,
norm
--
Norman Walsh
XML Standards Architect
Sun Microsystems, Inc.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]