OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How could RDDL be distributed ?

On Tue, Jan 16, 2001 at 04:01:11PM +0000, Miles Sabin wrote:
> Michael Mealling wrote,
> > Miles Sabin wrote,
> > > To do the job you'd need some mechanism for ensuring that all
> > > the DTDs were cached locally before pulling out the wire. 
> > > It'd be nice if that local caching mechanism got along well 
> > > with a mechanism for connected distribution and replication.
> >
> > That's one way but I don't think it solves the whole of the 
> > problem. Your still associated resources that are what I call 
> > authoritative. I think you want a solution that allows you to 
> > associate locally scoped resources as well.
> Actually I think it's simply two different problems which might
> have related solutions,
> 1. Allow for local overriding of authoritative resources.

IMHO that's the c15n problem space...

> 2. Allow for distribution and replication of authoritative
>    resources.

That's the URI Resolution problem space. The one part that 
isn't there is the actual distribution and replication part.
Since I don't think we'd be doing really complicated
stuff some of the existing rsync-ish solutions would work fine.
The one piece that isn't there is an API for notifying the
URI resoution services that a replication has occured.
I think you'd also need some metering so that you can
do some pro-active replication to hot spots but that
also has some standard solutions.

> (2) is the problem I'm worrying about ... my starting point
> being a worry about the hosts for popular DTDs/Schemas becoming
> a single point of failure.

Same here. The CNRP stuff I published had to include a 
non-existent URI in the examples so that people wouldn't
be using that URI due to lazy programmers. The URN/URI
resolution stuff was built specifically for this purpose....

> Interestingly the two problems are dissimilar in a very
> important way. (1) explictly wants to allow for substitution/
> overriding (that's it's whole point). (2), OTOH, almost certainly 
> wants to verifiably forbid substitution/overriding (or at least 
> make any such modification visible to ultimate recipients). That
> seems to imply a need for signatures to be accomodated by any
> such protocol.

Exactly! The whole concept behind the c15n stuff was that
this was URI Resolution that explicitly wasn't authoritative
since it was being used to provide a view of the world that
was client centric. The URi resolution stuff (and specifically
RESCAP) does have the ability to sign various bits to ensure
the authoritative chain of resolution....


Michael Mealling	|      Vote Libertarian!       | www.rwhois.net/michael
Sr. Research Engineer   |   www.ga.lp.org/gwinnett     | ICQ#:         14198821
Network Solutions	|          www.lp.org          |  michaelm@netsol.com