A. I would remove the allowance of arbitrary algorithms from all conforming
ODF 1.2 documents, extended or otherwise. Anything that makes it impossible
for a conforming consumer to even start consuming the document, even an
extended one where foreign-element fallbacks can be applied, should not be
supported for obvious interoperability reasons. We have eliminated
arbitrary compression methods and we should do the same for arbitrary
encryption algorithms.
B. Remedies
1. Everywhere in section 3.8 I would remove every bullet-item that says
* The IRI of an alternative algorithm as specified in section 5.1 of
[xml-enc] ...
There are some other problems (for example in the last bullet of 3.8.1 of
CD01, requiring producers to support Blowfish is strange when it is
consumers that should be required to support it [at a minimum]).
2. Another way to do this would be to leave this alone but in ODF 1.2 Part
1 prohibit any alternative algorithms as specified in [xml-enc] section 5.1
in packages that are acceptable for ODF documents. This leaves alternative
algorithms available for other uses of ODF 1.2 Package but not for ODF 1.2
Documents.
I don't have a preference on which way this is achieved, so long as ODF 1.2
consumers never have to deal with alternative algorithms. Inability to
recognize the algorithm means the document can't be consumed. Using
alternative algorithms in the production of packages identified as ODF
documents should not be considered achieving any level of ODF 1.2
conformance, even if it is an experimental extension. (Seems like an
experimental MIME type should go with that.)
- Dennis
Original Message-----
From: robert_weir@us.ibm.com [mailto:robert_weir@us.ibm.com]
Sent: Tuesday, May 04, 2010 12:15
To: office@lists.oasis-open.org
Subject: [office] Extended conforming packages and manifest:algorithm-name
We recently discussed removing the "extended" conformance clause for
packages. This was in :
http://tools.oasis-open.org/issues/browse/OFFICE-2257
I think the idea was it was only used when there were additional files in
the document beyond those defined by ODF.
However, I found another place where "extended" conformance is triggered.
Part 3, Section 3.8.1 defines the allowed values of the
manifest:algorithm-name attribute, and says:
"The IRI of an alternative algorithm as specified in §5.1 of
[xmlenc-core]. Alternative algorithms may be specified by extended
conforming documents only. They shall not be specified by conforming
documents."
So if we eliminate the extended package distinction, then we allow
conforming documents to be encrypted using proprietary algorithms, which I
think goes against the interoperability benefits we were trying to foster
by making the extended/non-extended distinction.
I don't think I'm in favor of this change.
Anyone want to argue otherwise?
-Rob
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php