OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] The <any/> element: bane of security or savior of versioning?

Stephen Green writes:

> Interestingly, in UBL the 'any' is inside an optional construct
> so parties concerned it might pose some problems for software 
> weaknesses or security can just impose a subsetting profile 
> which eliminates its use from their transactions.

I haven't looked at the UBL language lately, and don't remember the 
details, but during our discussions of XSD 1.1 I suggested a design goal 
which I think got some serious attention:  whatever constructs we provide 
for versioning should scale to the case where there are many revisions. 
Question:  if the content within that optional construct is later revised, 
does that second revision get wrapped in yet another such construct?  If 
there are 50 revisions, can you wind up with 49 nested "extension" 
elements, and the requirement to know how deep down each such extension 

This is not a critique of UBL.  My impression is that it has been designed 
with great care and insight.  I have seen other more naive proposals for 
"extension" elements.  They tend to have the advantage that you know where 
the extension content is, and the disadvantages that a) they are somewhat 
clumsy in the instance (would you want to wrap your HTML <img> tags in 
<extension> elements? and b) as noted above, it's not always clear how to 
scale them to multiple revisions.  Overall, I tend to prefer various 
flavors of open content.


Noah Mendelsohn 
IBM Corporation
One Rogers Street
Cambridge, MA 02142

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS