Re: [xml-dev] The <any/> element: bane of security or savior of versioning?

Hi Roger,

I would suggest looking at the way we handled extensibility in UBL as
straddling the line between security of data and extensibility of

I would say however that it only provided a starting point for how
extensibility should really be provided in critical data formats (I'm
gonna go out on a limb here and say that people feel more comfortable
allowing any usage in something like RSS than they do in something
like an XML marked up Invoice.)

Bryan Rasmussen

On 10/19/07, Costello, Roger L. <costello@mitre.org> wrote:
> Hi Folks,
> In the repertoire of XML Schemas is the <any/> element.  The <any/>
> element is used in an XML Schema to instruct an XML instance document
> author: "At this point in your document you can have any element or any
> string you desire."
> From a security perspective the <any/> element represents a high risk
> and should be avoided if possible.  In environments where schema
> validation is used in a guarding capacity, a schema that uses the
> <any/> element is likely to be marked as high risk or even forbidden
> from use.
> The solution seems clear: don't use the <any/> element.
> But the situation isn't so simple....
> Versioning XML Schemas is important.  As requirements change the schema
> must change, and you would like for the schema versions to be backward
> and forward compatible.  That is, you would like for an application
> written to an old version of the schema to be able to process XML
> instance documents written to a new version of the schema and vice
> versa.
> As we discussed on this list a couple months ago, the only way you can
> achieve backward and forward compatibility in XML Schemas is through
> the use of the <any/> element [1].
> Thus you are left with two choices:
> 1. Be secure and don't use the <any/> element.  Forego backward and
> forward compatibility.
> 2. Use the <any/> element to achieve backward and forward
> compatibility.  Forego security.
> This is a serious problem for my clients.
> There must be alternatives.
> Any suggestions?
> /Roger
> [1] http://www.xfront.com/backward-forward-compatibility/
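Added example, not part of either message: for the review setting Roger describes, where a schema using <any/> is flagged as high risk, this Python audit (standard library only) lists every <any/> and <anyAttribute/> wildcard in a schema with its effective namespace and processContents settings. The sample schema is constructed, and the defaults applied (namespace="##any", processContents="strict") are those of XML Schema 1.0.

```python
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"
# What a validator checks inside the wildcard, per processContents.
CHECKED = {
    "strict": "must match a declaration known to the validator",
    "lax": "validated only if a declaration happens to be found",
    "skip": "well-formedness only, content is unchecked",
}
# Constructed sample schema (not from the thread).
SAMPLE_XSD = """<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
  <xs:complexType name="InvoiceType">
    <xs:sequence>
      <xs:element name="Total" type="xs:decimal"/>
      <xs:any minOccurs="0" maxOccurs="unbounded"/>
    </xs:sequence>
  </xs:complexType>
  <xs:complexType name="ExtensionType">
    <xs:sequence>
      <xs:any namespace="##other" processContents="lax" minOccurs="0"/>
    </xs:sequence>
    <xs:anyAttribute processContents="skip"/>
  </xs:complexType>
</xs:schema>"""

def find_wildcards(xsd_text):
    """Return one finding per xs:any / xs:anyAttribute, in document order."""
    findings = []

    def walk(node, path):
        for child in node:
            local = child.tag.replace(XS, "")
            name = child.get("name")
            here = path + [f"{local}[{name}]" if name else local]
            if local in ("any", "anyAttribute") and child.tag.startswith(XS):
                mode = child.get("processContents", "strict")
                findings.append({
                    "path": "/".join(here),
                    "namespace": child.get("namespace", "##any"),
                    "processContents": mode,
                    "maxOccurs": child.get("maxOccurs", "1") if local == "any" else None,
                    "checked": CHECKED.get(mode, "unknown mode"),
                })
            walk(child, here)

    # Audit only schemas from a trusted source: ElementTree is not hardened against malicious XML.
    walk(ET.fromstring(xsd_text), [])
    return findings
```

On the sample, the bare <any/> in InvoiceType is reported with namespace ##any and strict processing, while the ExtensionType wildcards show the looser lax and skip modes.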


Copyright 1993-2007 XML.org. This site is hosted by OASIS