OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

wss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [wss] Issue 399: Proposed Security Consideration Text


"DeMartini, Thomas" <Thomas.DeMartini@CONTENTGUARD.COM> wrote on 
06/20/2005 02:42:34 PM:

> Mike, my four bullets were just trying to guess at what you meant. 
> Given what you say below, let me try to test my understanding again.
> Would the following statement be consistent with what you mean?
> 
> References using XPath transforms with Absolute Path expressions and
> validation of those expressions by receivers including
> * checking that the URI for that reference resolves to the enclosing
> document (initial context node),
> * checking that the Absolute Path XPath expression evaluates from 
> the initial context node to the digested nodeset.

Now I THINK I understand your position. You are talking about policy 
enforcement.
In that context I think your concept of "validation" translates to:
* checking that the resulting nodeset is allowed or required to be signed.

I think this policy check needs to be performed by all receivers 
regardless of whether they use XPath expressions or not.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]