W3C home > Mailing lists > Public > public-ws-policy@w3.org > October 2006

RE: New C14N/1.1 WD and Web Services Policy 1.5 - Framework (ed. copy)

From: Paul Cotton <Paul.Cotton@microsoft.com>
Date: Wed, 4 Oct 2006 09:58:48 -0700
To: "jose.kahan@w3.org" <jose.kahan@w3.org>
CC: "public-ws-policy@w3.org" <public-ws-policy@w3.org>
Message-ID: <4D66CCFC0B64BA4BBD79D55F6EBC225719C5333A18@NA-EXMSG-C103.redmond.corp.microsoft.com>

The WS-Policy WG has reviewed your email and we believe the heart of the XML Core WG proposal is in the following paragraph:

> You may wish to apply the procedure described in Section 2.2 of the
> dsig-usage note [2] to apply a C14N/1.1 transformation. This could
> help you avoid having to define an alternate xml:id attribute.

The WS-Policy WG does NOT want to remove the usage of wsu:id from our specification due to the following three reasons:

a) Support for wsu:id must not be removed since our charter strongly urges backwards compatibility with existing policy assertions in:
"Web Services Policy should remain compatible with existing policy assertions and offer a smooth migration path for these assertions (where applicable)."

b) Support for wsu:id must not be removed since it is unlikely that WS-Policy CR implementations will include support for xml:id, C14N/1.1 and/or the as yet to be started revised version of XML DSig.

c) Support for wsu:id must not be removed since it is premature to normatively depend on C14N/1.1 or the dsig-usage Note since they have not yet proceeded through CR and the proposed W3C XML DSig revision work has not yet begun (although it is proposed).

The WS-Policy WG is willing to add non-normative references to the C14N/1.1 WD and the dsig-usage Note as guidance to how the problems with xml:id MAY be solved.

Please let us know if you agree with this disposition of your comment.

/paulc
For the WS-Policy WG

Paul Cotton, Microsoft Canada
17 Eleanor Drive, Ottawa, Ontario K2E 6A3
Tel: (613) 225-5445 Fax: (425) 936-7329
mailto:Paul.Cotton@microsoft.com





> -----Original Message-----
> From: public-ws-policy-request@w3.org [mailto:public-ws-policy-
> request@w3.org] On Behalf Of Jose Kahan
> Sent: September 20, 2006 11:35 AM
> To: public-ws-policy@w3.org
> Subject: New C14N/1.1 WD and Web Services Policy 1.5 - Framework (ed.
> copy)
>
>
> Hello,
>
> I'm writing on behalf of the XML-Core Working Group. We'd like to bring to
> your attention that we have published three C14N related documents and
> welcome
> review to them [1].
>
> Specifically, there is a new Working Draft for C14N/1.1 that takes into
> account different issues related to C14N and the evolution of XML core
> technologies, including xml:id.
>
> In parallel, W3C is working on a charter for a new W3C Working Group that
> would have task of making an editorial revision of XML Signature to make
> mandatory the use of C14N/1.1, thus making it possible to correctly take
> into
> documents that include xml:id attributes. See the related dsig-usage note
> [2] and the thread on the w3c-ietf-xmldsig mailing list [3].
>
> In particular, this work should solve the problem you describe in
> Section 4.2 of the recent Editor's Draft for the Web Services Policy 1.5 -
> Framework [4]:
>
> <quote>
>
> /wsp:Policy/(@wsu:Id | @xml:id)
>
> The identity of the policy expression as an ID within the enclosing XML
> document. If omitted, there is no implied value. To refer to this policy
> expression, an IRI-reference  MAY be formed using this value per Section
> 4.2 of WS-Security [WS-Security 2004] when @wsu:Id is used.
>
> The use of xml:id attribute in conjunction with Canonical XML 1.0 is
> inappropriate as described in Appendix C of xml:id Version 1.0 [XML ID]
> and thus this combination must be avoided (see [C14N 1.0 Note]). For
> example, a policy expression identified using xml:id attribute should not
> be signed using XML Digital Signature when Canonical XML 1.0 is being used
> as the canonicalization method.
>
> </quote>
>
> You may wish to apply the procedure described in Section 2.2 of the
> dsig-usage note [2] to apply a C14N/1.1 transformation. This could help
> you avoid having to define an alternate xml:id attribute.
>
> You can send comments related to the C14N drafts to the following
> public-archived list:
>
>    www-xml-canonicalization-comments@w3.org
>
> Best regards,
>
> -jose
>
> [1]
> http://www.w3.org/2002/02/mid/CF83BAA719FD2C439D25CBB1C9D1D30204ABFCD3@HQ-
> MAIL4.ptcnet.ptc.com
>
> [2] http://www.w3.org/TR/2006/WD-DSig-usage-20060915/
>
> [3]
> http://www.w3.org/2002/02/mid/20060918163151.GO2766@raktajino.does-not-
> exist.org
>
> [4]
> http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy-
> framework.html?content-type=text/html;charset=utf-8#Policy_Identification
Received on Wednesday, 4 October 2006 16:59:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:20:42 GMT