OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] xsd validation was RE: [xml-dev] XPath/XSLT 2.0 concerns

[ Lists Home | Date Index | Thread Index ]

>I know of several places where folks are doing schema validation on *their
>own output* as well as everywhere they get an incoming XML message.
>Perhaps they are less sanguine than you are about bugs.

It is pretty obvious that I am referring to the fact that XML is used by
many developers as an easy data storage which they put in and pull out data
and is handled without much fuzz by the parser ... it is just an easier way
of app developement. Is this very elegant ? ermmm ... no. But take into
consideration that XML is perfectly useable without DTD / XSD which requires
more knowledge of XML and the gain is (in this situation) minimal.

>These are mostly financial institutions.  As some of them have some of my
>money, I'm glad they are so cautious.

I sure hope that those financial institutions you talk about use secure
connections and heavy encryption for their communications and not depend no
DTD or XSD to filter out malicious parties.

Gerben.


-----Original Message-----
From: Rich Salz [mailto:rsalz@datapower.com]
Sent: 03 October 2002 13:18
To: Gerben Rampaart (Casnet Rotterdam)
Cc: bryan; 'Tim Bray'; xml-dev@lists.xml.org
Subject: RE: [xml-dev] xsd validation was RE: [xml-dev] XPath/XSLT 2.0
concerns


> Indeed, not many I would think. Truth is that many developers / teams
choose
> for XML as the communication language between various components of their
> application which they all write themselves. And why would you use
> validation in such a case ? You know perfectly well which XML is being
> generated ... it's not going to change overnight. One side on the app
> generates and the other side receives (and vice-versa) ... no need for a
DTD
> or XSD.
>
> Agreed ?

No.

I know of several places where folks are doing schema validation on *their
own output* as well as everywhere they get an incoming XML message.

Perhaps they are less sanguine than you are about bugs.  Or more
realistic. :)  They are also concerned about malicious parties introducing
bad data.

These are mostly financial institutions.  As some of them have some of my
money, I'm glad they are so cautious.
	/r$






 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS