[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [wss] Issue 399: Proposed Security Consideration Text
"DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM> wrote on 06/20/2005 02:42:34 PM: > Mike, my four bullets were just trying to guess at what you meant. > Given what you say below, let me try to test my understanding again. > Would the following statement be consistent with what you mean? > > References using XPath transforms with Absolute Path expressions and > validation of those expressions by receivers including > * checking that the URI for that reference resolves to the enclosing > document (initial context node), > * checking that the Absolute Path XPath expression evaluates from > the initial context node to the digested nodeset. Now I THINK I understand your position. You are talking about policy enforcement. In that context I think your concept of "validation" translates to: * checking that the resulting nodeset is allowed or required to be signed. I think this policy check needs to be performed by all receivers regardless of whether they use XPath expressions or not.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]