Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Valid RDF and security
 Perhaps this will help: http://www.lists.ic.ac.uk/hypermail/xml-dev/9902/0371.html Robb Shecter wrote: > > Hi, > > A week or so ago, someone asked how a piece of RDF can be validated, > analogous to the way that a piece of XML can be validated with a DTD. I > don't think anybody answered this, or I missed the answer. (?) I'm new > to RDF, and don't know the answer, because as I understand it, > validating RDF would mean making sure that the document properly follows > (say) Dublin Core, and DC is defined as a schema, not as a DTD. (?) Well, there is an initial Dublin Core schema, but I don't know if there is any standard one: http://www.w3.org/TR/WD-rdf-schema/#dublincore > Idea 1: Have webadmins write Java adapter classes that my framework > would dynamically load via http. This sounds cool, is possible > (servlets do this), but has a security risk: These webadmins at > external sites are untrusted. If I load and link their code on the fly, > it could be programmed to do any number of destructive things on my > server. Declarative specifications are almost always better for this and many other reasons. > Idea 3: Well, after reading about RDF, it seems like I'm reinventing the > wheel a bit. RDF is designed to do just what I was thinking about in > 2. But, how do I validate it? And in my application, I really need the > validation, because the validation enforces program functioning and > security. Define your document type with a DTD. Make the DTD such that every document that conforms to it automatically conforms to RDF. Then you're home free. If you don't need the degrees of syntactic freedom offered by an RDF schema, then just use a DTD. -- Paul Prescod - ISOGEN Consulting Engineer speaking for only himself http://itrc.uwaterloo.ca/~papresco If you spend any time administering Windows NT, you're far too familiar with the Blue Screen of Death (BSOD) which displays the cause of the crash and gives some information about the state of the system when it crashed. -- "Microsoft Developer Network Magazine" xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@i... Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1 To (un)subscribe, mailto:majordomo@i... the following message; (un)subscribe xml-dev To subscribe to the digests, mailto:majordomo@i... the following message; subscribe xml-dev-digest List coordinator, Henry Rzepa (mailto:rzepa@i...) 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
