IETF Logo Mail Archive

Re: W3C Last Call and Media Type request for comments: XQuery and XQueryX

Bjoern Hoehrmann <derhoermi@gmx.net> Thu, 07 April 2005 21:06 UTC

Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j37L6WoJ016565; Thu, 7 Apr 2005 14:06:32 -0700 (PDT) (envelope-from owner-ietf-xml-mime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j37L6WPj016564; Thu, 7 Apr 2005 14:06:32 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-xml-mime@mail.imc.org using -f
Received: from mail.gmx.net (pop.gmx.de [213.165.64.20]) by above.proper.com (8.12.11/8.12.9) with SMTP id j37L6UZZ016548 for <ietf-xml-mime@imc.org>; Thu, 7 Apr 2005 14:06:31 -0700 (PDT) (envelope-from derhoermi@gmx.net)
Received: (qmail invoked by alias); 07 Apr 2005 21:06:24 -0000
Received: from dsl-084-056-238-149.arcor-ip.net (EHLO localhost) [84.56.238.149] by mail.gmx.net (mp021) with SMTP; 07 Apr 2005 23:06:24 +0200
X-Authenticated: #723575
From: Bjoern Hoehrmann <derhoermi@gmx.net>
To: Liam Quin <liam@w3.org>
Cc: ietf-types@iana.org, ietf-xml-mime@imc.org, public-qt-comments@w3.org
Subject: Re: W3C Last Call and Media Type request for comments: XQuery and XQueryX
Date: Thu, 07 Apr 2005 23:06:49 +0200
Message-ID: <425e9d44.15417140@smtp.bjoern.hoehrmann.de>
References: <20050407200151.GN1785@w3.org> <425b93d4.13001640@smtp.bjoern.hoehrmann.de> <20050407204611.GS1785@w3.org>
In-Reply-To: <20050407204611.GS1785@w3.org>
X-Mailer: Forte Agent 1.92/32.572
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Y-GMX-Trusted: 0
Sender: owner-ietf-xml-mime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-xml-mime/mail-archive/>
List-ID: <ietf-xml-mime.imc.org>
List-Unsubscribe: <mailto:ietf-xml-mime-request@imc.org?body=unsubscribe>

* Liam Quin wrote:
>It lets people put XQuery documents on public Web servers that may
>not be configured correctly.  But it's not clear that this is the
>right approach.

What kind of misconfiguration did you have in mind here? Configured to
use an incorrect charset parameter? That's then easily addressed by not
having a charset parameter.

>We expect to add to it later.  Right now the specifications are new
>enough (in terms of Process) that security implications have not
>all been explored.  I'd welcome help in this area.  What sort of
>additional text did you expect in this section?

http://www.ietf.org/internet-drafts/draft-freed-media-type-reg-03.txt
section 6 covers this. For example, it seems possible to construct a
query such that it loops indefinitely through infinite recursion, that's
probably something implementations should protect against.

>It's non-normative within the context of the XQueryX specification:
>an implementation does not need to support anything here in order
>to claim conformance.  If you do support application/xquery+xml though,
>this is how you must do it.

http://www.w3.org/TR/2005/WD-xquery-20050404/#id-conform-optional-features
is not marked non-normative, even though none of the features in that
section are required in order to claim conformance, so this principle
does not seem to be applied consistently; and it seems inconsistent
with other W3C Technical Reports.
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

v2.23.0 | Report a Bug | By Email