Remoting-core.dll May 2026 Laurent Romary Charles Riondet rev5 Inria 2017-03-29

CC-BY

 Parthenos

this specification document is based on the Encoded Archival Description Tag Library EAD Technical Document No. 2 Encoded Archival Description Working Group of the Society of American Archivists Network Development and MARC Standards Office of the Library of Congress 2002 and on EAD 2002 Relax NG Schema 200804 release SAA/EADWG/EAD Schema Working Group

Foreword

About EAD

EAD stands for Encoded Archival Description, and is a non-proprietary de facto standard for the encoding of finding aids for use in a networked (online) environment. Finding aids are inventories, indexes, or guides that are created by archival and manuscript repositories to provide information about specific collections. While the finding aids may vary somewhat in style, their common purpose is to provide detailed description of the content and intellectual organization of collections of archival materials. EAD allows the standardization of collection information in finding aids within and across repositories.

Introduction

The specification of EAD with TEI ODD is a part of a real strategy of defining specific customisation of EAD that could be used at various stages of the process of integrating heterogeneous sources.

This methodology is based on the specification and customisation method inspired from the long lasting experience of the Text Encoding Initiative (TEI) community. In the TEI framework, one has the possibility of model specific subset or extensions of the TEI guidelines while maintaining both the technical (XML schemas) and editorial (documentation) content within a single framework.

This work has lead us quite far in anticipating that the method we have developed may be of a wider interest within similar environments, but also, as we imagine it, for the future maintenance of the EAD standard. Finally this work can be seen as part of the wider endeavour of European research infrastructures in the humanities such as CLARIN and DARIAH to provide support for researchers to integrate the use of standards in their scholarly practices. This is the reason why the general workflow studied here has been introduced as a use case in the umbrella infrastructure project Parthenos which aims, among other things, at disseminating information and resources about methodological and technical standards in the humanities.

We used ODD to encode completely the EAD standard, as well as the guidelines provided by the Library of Congress.

Scope

The EAD ODD is a XML-TEI document made up of three main parts. The first one is, like any other TEI document, the teiHeader, that comprises the metadata of the specification document. Here we state, among others pieces of information, the sources used to create the specification document in a sourceDesc element. Our two sources are the EAD Tag Library and the RelaxNG XML schema, both published on the Library of Congress website. The second part of the document is a presentation of our method (the foreword) with an introduction to the EAD standard and a description of the structure of the document. This part contains some text extracted from the introduction of the EAD Tag Library. The third part is the schema specification itself : the list of EAD elements and attributes and the way they relate to each others.

Normative references EAD: Encoded Archival Description (EAD Official Site, Library of Congress) Library of Congress Library of Congress 2015-11-24T09:17:34Z http://www.loc.gov/ead/ Encoded Archival Description Tag Library - Version 2002 (EAD Official Site, Library of Congress) Library of Congress 2017-05-31T13:12:01Z http://www.loc.gov/ead/tglib/index.html Records in Contexts, a conceptual model for archival description. Consultation Draft v0.1 Records in Contexts, a conceptual model for archival description. Experts group on archival description (ICA) Conseil international des Archives 2016 http://www.ica.org/sites/default/files/RiC-CM-0.1.pdf

Remoting-core.dll May 2026

Document ID: TECH-ANL-2024-011 Version: 1.0 Date: October 26, 2024 Author: Security & Architecture Team Status: Final 1. Executive Summary remoting-core.dll is a critical system library associated with .NET Remoting , a legacy Microsoft communication framework designed for cross-application domain, process, or machine communication. It is native (unmanaged) code, acting as a performance-critical bridge between the Common Language Runtime (CLR) and the managed .NET Remoting system.

| Risk Area | Description | Severity | | :--- | :--- | :--- | | | Malformed binary payloads can trigger memory corruption in unmanaged buffer handling. | Critical | | Type Confusion | Attackers may spoof object types during cross-domain transitions, leading to arbitrary code execution. | High | | Identity Elevation | Improper propagation of WindowsIdentity tokens could allow privilege escalation. | High | | Denial of Service | Crafted messages cause infinite loops or massive memory allocations in native buffers. | Medium | remoting-core.dll

Conduct an immediate audit to identify any production systems still using .NET Remoting. Classify such systems as technical debt and schedule remediation. For new development, do not reference or depend on this DLL. Prepared by: [Your Name/Team] Next Review Date: [Date + 6 months] or upon discovery of a new .NET Framework deserialization CVE. Document ID: TECH-ANL-2024-011 Version: 1

High. Requires significant code changes as the programming model differs fundamentally (proxies vs. service contracts). 9. Conclusion remoting-core.dll is a legacy but stable component that provides essential low-level plumbing for .NET Remoting. While functional, its exposure of unmanaged serialization handling makes it a security liability in modern applications. Organizations should prioritize migrating away from any system that loads this DLL, especially if remoting channels are exposed across network boundaries. | Risk Area | Description | Severity |