Re: [xml-dev] Here's why it's not always a good idea to embed validation

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

Re: [xml-dev] Here's why it's not always a good idea to embed validationinformation (e.g., schemaLocation) in instance documents

From: Richard Salz <rsalz@us.ibm.com>
To: John Snelson <john.snelson@oracle.com>
Date: Tue, 6 Jan 2009 17:08:25 -0500

> Your presentation looks good, but I'm not sure it goes far enough. Was 
> there ever a good reason to embed validation information in an instance 
> document? Isn't that fundamentally backwards, like trusting a thief 
> because /he says/ he's not a thief?

Sometimes you might have reason to trust the sender. Or the implications 
of getting it wrong if you do trust him may not matter.  Or the cost of 
doing out of band configuration may exceed the costs of getting the trust 
wrong.  For example, if you are building generic XML stuff (like, say an 
appliance :).

We support schemaLocation.  But we also have a configuration operation 
that passes the URL's through a set of rewrite rules so that, e.g., you 
can rewrite remote schema to a local version that you trust.

        /r$

--
Visiting Member, IBM Academy
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/

Follow-Ups:
- Re: [xml-dev] Here's why it's not always a good idea to embed validationinformation (e.g., schemaLocation) in instance documents
  - From: John Snelson <john.snelson@oracle.com>

References:
- Re: [xml-dev] Here's why it's not always a good idea to embed validationinformation (e.g., schemaLocation) in instance documents
  - From: John Snelson <john.snelson@oracle.com>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]