OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: Parser Behaviour (serious)

[ Lists Home | Date Index | Thread Index ]
  • From: "Clark C. Evans" <cce@clarkevans.com>
  • To: Simon Wilson <Simon.Wilson@crealogix.com>
  • Date: Mon, 3 Apr 2000 11:53:23 -0400 (EDT)

On Mon, 3 Apr 2000, Simon Wilson wrote:
> Imagine if all those XML-based B2B systems out there referenced external
> entities on external web-sites. Hack the site, change or remove the DTD/schema
> and a lot of companies are losing a lot of money.
> As a result, I think you'll find that most people with their wits about them
> will be taking a copy of standardized DTDs and referencing that instead in order
> to prevent such things from happening.

This is actually deeper.  What happens if 3 organizations
agree on a given DTD.  They all refer to that DTD, having
it hosted by one of the companies.  And then the hosting
company makes a slight 'clarifying' change... which happens
to cause validation of particular documents which were
considered invalid by one organization to succeed.

I think it is rather "essential" to be able to 'ovverride' 
the DTD used as a command line option; pointing it to
a local version of the DTD.


This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS