ietf-mxcomp
[Top] [All Lists]

RE: Comments on draft-ietf-marid-core-01 xml use

2004-06-03 13:57:20

3.  [Doug] Other words about standaloneness, implying (I think) that
implementations shouldn't be required to load arbitrary schemas to
understand a document.

I completely agree with the goal.  I would expect an implementation to
have those schemas that it understands (initially just ...:marid-1)
hard-coded into it.  By explicit words in the spec, an implementation
is
required to ignore elements and attributes whose schema it doesn't
understand.  It need not search to find a schema document for other
namesapces, it can just ignore the elements.

More strongly: very generally speaking, it is a security hole (not to
mention a DOS attack vector), to trust a possibly-malicious party to
give you the XML schema for XML data that you do anything other than
ignore entirely, for aspects of the schema (default attributes, for
example, or whitespace significance via contentType) can change the
content of the data in question.

        Bob