xml-dev - RE: [xml-dev] Excellent IETF BCP on XML

RE: [xml-dev] Excellent IETF BCP on XML

[ Lists Home | Date Index | Thread Index ]

To: 'Rich Salz' <rsalz@datapower.com>
Subject: RE: [xml-dev] Excellent IETF BCP on XML
From: "Bullard, Claude L (Len)" <clbullar@ingr.com>
Date: Fri, 22 Nov 2002 14:05:51 -0600
Cc: 'Tim Bray' <tbray@textuality.com>, XML Dev <xml-dev@lists.xml.org>

Need not and can be are different things.

Yep... know all about entities.  I also know 
that "identifier" is a resolvable URL and 
that documentation placed for convenience 
as a best practice leads one to resolve it. 
So the issue is for the protocol designer 
to explicitly say ... what?

len


From: Rich Salz [mailto:rsalz@datapower.com]

> Hmm.  So namespacesCumURLs are a security problem?

No, a namespace URI is an identifier, and therefore need not be 
followed. The document (which is excellent) is talking about, you know, 
external ENTITY things.

I believe this security issue is one reason why SOAP disallows DTD's.

Follow-Ups:
- Re: [xml-dev] Excellent IETF BCP on XML
  - From: Miles Sabin <miles@milessabin.com>

Prev by Date: Re: [xml-dev] Excellent IETF BCP on XML
Next by Date: Re: [xml-dev] Excellent IETF BCP on XML
Previous by thread: Re: [xml-dev] Excellent IETF BCP on XML
Next by thread: Re: [xml-dev] Excellent IETF BCP on XML
Index(es):
- Date
- Thread