[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] XPath Attribute Profile: XPath as an Identifier
> Other thoughts: > - "urn:xpath" as a prefix: Is it safe to just use xpath > directly (name="/pp/LegalName/CommonName") or does it need to > have some clarifying prefix > (name="urn:some_name_clarifying_that_this_is_an_xpath_name:/pp > /LegalName/CommonName"). I suppose the problem is that XPath > is a uri and I'm trying to put it into a urn. Well, I think the problem is that XPath is (generally) a relative URI, and you want an absolute URI. Whether it's a URN or a URL isn't the point, there's no "base" to resolve the thing with. I'm wondering where XPointer fits into this. Lest I be accused of just arguing over naming before we have the use case nailed down, I think this *is* part of the use case. We have to understand how we would interpret the notion of an XPath as a "name" when it really connotes a node set in a particular document, so understanding the thing we're implicitly pointing into is really the starting point. I know XACML has XPath bits in it, but what's the "source" document into which the path is evaluated? Is that just specified along with the XPath? To put it another way, is it worth instead addressing XPath requirements more in terms of how to incorporate attributes by reference, as XACML does, rather than as a simple translation of one thing into another inline format? That seems somewhat more powerful, even if it does introduce the usual question of what it means to sign an assertion that amounts to a pointer to something that the signature doesn't cover. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]