Subject: Re: [entity-resolution] RE: OASIS - Catalog Threat ?
Well, I guess we should discuss this before disbanding the ER TC ;-) Can we do it by email, or should we hold a phone call?

Lauren

Mary McRae said the following on 05/02/2007 6:13 AM:
> Hi Lauren,
>
> This email was sent to communications (Carol Geyer).
>
> Regards,
>
> Mary
>
>> -----Original Message-----
>> From: Steven J. Hathaway [mailto:email@example.com]
>> Sent: Sunday, February 04, 2007 12:28 PM
>> To: firstname.lastname@example.org
>> Subject: OASIS - Catalog Threat ?
>>
>> I recommend that (Sec: 4.1.1) of the OASIS entity resolver
>> catalog specification be revised to help avoid the
>> development of products that have misleading identifier trust.
>>
>> OASIS is a general entity resolver and catalog. It can now
>> be used with XML. The specification document (Sec: 4.1.1)
>> describing the 'prefer' attribute may harbor a security
>> threat related to identifier trust.
>>
>> Normally, the Public identifiers have global scope, and
>> therefore a high probability of trust. The System
>> identifiers normally have a restricted scope - that of a
>> specific system - and therefore do not have the global trust.
>>
>> When a document is passed between systems, it is undefined
>> what the scope of System identifier implies. Herein lies an
>> OASIS catalog threat. A document may have both Public and
>> System identifiers proclaiming to be associated with the
>> Public resource. Since the document could be received from a
>> foreign system, the Public and System identifiers may no
>> longer define the same resource. The System identifiers in
>> messages received from foreign systems should have a lower
>> threshold of trust than Public identifiers.
>>
>> The 'prefer' attribute is often set to 'public' for a catalog
>> or group. And if both a Public and System identifier for the
>> resource reside in the catalog, the System replacement text
>> is used. Most developers would imply that the Public
>> replacement text should be used (See Section 4.1.1. table).
>>
>> The 'prefer' attribute should be set to 'system' to handle
>> those documents that are only generated and consumed by the
>> same system.
>>
>> Sincerely,
>> Steven J. Hathaway
>> Email: email@example.com
>>
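The resolution order the thread argues about can be made concrete with a small model. The following Python is an added example written for this page, not code from the OASIS specification or from anyone in the thread. It models only `public` and `system` catalog entries plus the `prefer` setting (delegate, rewrite and nextCatalog entries are omitted), every identifier and URI in it is constructed, and `resolve_untrusted_origin` is a hypothetical policy that treats a foreign document's system identifier with the lower trust the message asks for by simply not consulting it.

```python
"""Toy model of OASIS XML Catalog resolution for public/system identifiers.

Added example for this thread; not the specification's or any product's code.
Models the order described in the message: a matching system entry wins whenever
the document carries a system identifier, and public entries are only consulted
when prefer="public" or the document has no system identifier.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class Catalog:
    """Subset of a catalog or group: its prefer value plus flat entry maps."""
    prefer: str                                            # "public" or "system"
    public: Dict[str, str] = field(default_factory=dict)   # publicId -> replacement URI
    system: Dict[str, str] = field(default_factory=dict)   # systemId -> replacement URI


def resolve(catalog: Catalog, public_id: Optional[str], system_id: Optional[str]) -> Optional[str]:
    """Return the replacement URI for a document's external identifier pair, or None."""
    # Step 1: a system entry matching the document's system identifier is always used,
    # regardless of prefer. This is the behaviour the message objects to.
    if system_id is not None and system_id in catalog.system:
        return catalog.system[system_id]
    # Step 2: public entries are considered only if prefer="public", or if the
    # document supplied no system identifier at all.
    if public_id is not None and (catalog.prefer == "public" or system_id is None):
        return catalog.public.get(public_id)
    # No catalog match: a real resolver would then fall back to the raw system identifier.
    return None


def resolve_untrusted_origin(catalog: Catalog, public_id: Optional[str], system_id: Optional[str]) -> Optional[str]:
    """Hypothetical policy for documents received from a foreign system: the system
    identifier has only local meaning there, so resolve as if it were absent."""
    return resolve(catalog, public_id, None)


# Constructed sample identifiers and replacement URIs (not from the thread).
PUBLIC_ID = "-//Example//DTD Invoice 1.0//EN"
SYSTEM_ID = "invoice.dtd"
TRUSTED_URI = "file:///opt/dtd/trusted/invoice.dtd"   # copy keyed by the global public id
LOCAL_URI = "file:///opt/dtd/local/invoice.dtd"       # copy keyed by a system-local name


def scenarios() -> Dict[str, Optional[str]]:
    """Run the cases the message describes and return which URI each resolves to."""
    both = Catalog("public", public={PUBLIC_ID: TRUSTED_URI}, system={SYSTEM_ID: LOCAL_URI})
    public_only_prefer_public = Catalog("public", public={PUBLIC_ID: TRUSTED_URI})
    public_only_prefer_system = Catalog("system", public={PUBLIC_ID: TRUSTED_URI})
    return {
        # prefer="public" does not stop the system entry from winning when both exist.
        "prefer=public, both entries, doc has both ids": resolve(both, PUBLIC_ID, SYSTEM_ID),
        # Without a system entry the public one is used under prefer="public".
        "prefer=public, public entry only, doc has both ids": resolve(public_only_prefer_public, PUBLIC_ID, SYSTEM_ID),
        # Under prefer="system" a document carrying a system id never reaches public entries.
        "prefer=system, public entry only, doc has both ids": resolve(public_only_prefer_system, PUBLIC_ID, SYSTEM_ID),
        # ...unless the document carries no system identifier.
        "prefer=system, public entry only, doc has public id only": resolve(public_only_prefer_system, PUBLIC_ID, None),
        # Foreign-origin policy: the globally scoped public id decides.
        "foreign-origin policy, both entries, doc has both ids": resolve_untrusted_origin(both, PUBLIC_ID, SYSTEM_ID),
    }


if __name__ == "__main__":
    for case, uri in scenarios().items():
        print(f"{case:60s} -> {uri}")
```

The first case is the one the message calls a threat: with `prefer="public"` and entries for both identifiers, the local system entry is chosen and the copy registered under the global public identifier is never consulted. The third and fourth cases show what `prefer="system"` actually does: it does not favour system entries (those always win anyway) but stops public entries from being used whenever the document carries a system identifier. The last case is the hypothetical policy for foreign documents, where the system identifier is ignored because its scope is undefined outside the originating system.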