OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 

 
   RE: Default DTD URI

[ Lists Home | Date Index | Thread Index ]
  • From: "Bullard, Claude L (Len)" <clbullar@ingr.com>
  • To: Kay Michael <Michael.Kay@icl.com>, Xmldev <xml-dev@xml.org>
  • Date: Mon, 10 Jul 2000 08:48:29 -0500
If the FPI is system independent, it should 
name the expectations of both the sender and 
the receiver.  Otherwise this is a laissez faire 
communication.  That is perfectly acceptable since 
both parties are responsible for limiting the 
risks of using their respective systems. They 
must specify the records of authority for 
declining or accepting risk. 

Recommending against using DTDs or schemas 
for validation advocates removing a means to limit 
risks.  Implementations that do not enable 
using standard means to contract for limiting 
the risk are poor implementations.  Any system 
regardless of using DTDs or schemas depends on 
the power of the implementation.  

There is a responsibility to ensure applications 
meet testable criteria that define the means.  
Because the W3C does not define such testing, 
organizations such as NIST pick up the task.  
What this means is that the recommendations for 
which applications are safe to use or risk 
aversive must come from outside the consortia.  
These organizations become responsible for the 
records of authority for these systems, not 
the consortia.

Len Bullard
Intergraph Public Safety
clbullar@ingr.com
http://fly.hiwaay.net/~cbullard/lensongs.ram

Ekam sat.h, Vipraah bahudhaa vadanti.
Daamyata. Datta. Dayadhvam.h


-----Original Message-----
From: Kay Michael [mailto:Michael.Kay@icl.com]

I think this is a real problem, and I have in the past recommended against
using DTDs for validation for this reason. A validating parser checks that
the document conforms to whatever rules the sender wants it to conform to,
not that it conforms to the rules required by the recipient. Since DTDs are
only capable of expressing a small subset of the application-level validity
rules anyway, I've found it easier in practice to do all the validation at
application level. Perhaps I didn't try hard enough: there are parsers that
allow you to build a DOM, modify the doctype declaration to reference your
own DTD, and then validate against that. But I wanted to be
parser-independent, and SAX1 didn't even allow the application to discover
whether the parser was validating or not.

I'm hoping that XML Schemas will improve this situation, but it depends  on
how they are supported in products.

***************************************************************************
This is xml-dev, the mailing list for XML developers.
To unsubscribe, mailto:majordomo@xml.org&BODY=unsubscribe%20xml-dev
List archives are available at http://xml.org/archives/xml-dev/
***************************************************************************

 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS