W3C home > Mailing lists > Public > public-xml-core-wg@w3.org > September 2011

RE: FW: FW: Last Call for XML Signature 2.0, Canonical XML 2.0 and XML Signature Streaming Profile of XPath 1.0 ( LC-2488)

From: Grosso, Paul <pgrosso@ptc.com>
Date: Fri, 23 Sep 2011 09:52:27 -0400
Message-ID: <9B2DE9094C827E44988F5ADAA6A2C5DA03AD471A@HQ-MAIL9.ptcnet.ptc.com>
To: "Pratik Datta" <pratik.datta@oracle.com>, "Norman Walsh" <ndw@nwalsh.com>, <frederick.hirsch@nokia.com>
Cc: <public-xmlsec@w3.org>, <public-xml-core-wg@w3.org>


> -----Original Message-----
> From: public-xml-core-wg-request@w3.org [mailto:public-xml-core-wg-
> request@w3.org] On Behalf Of Pratik Datta
> Sent: Monday, 2011 September 19 14:57
> To: Norman Walsh; frederick.hirsch@nokia.com
> Cc: public-xmlsec@w3.org; public-xml-core-wg@w3.org
> Subject: RE: FW: FW: Last Call for XML Signature 2.0, Canonical XML
2.0
> and XML Signature Streaming Profile of XPath 1.0 ( LC-2488)
> 
> Paul,
> 
> How does this new text sound ?
> 
> "When serializing a Signature element or signed XML data that's the
> child of other elements using these data models, that Signature
element
> and its children, may contain namespace declarations from its ancestor
> context.

I am fine with the following wording (assuming "simple inheritable
attributes" is defined precisely elsewhere in your document).

I will not object to your wording in the above sentence, but I'll
point out that "may contain namespace declarations from its ancestor
context" doesn't make sense.  How can something contain anything it
doesn't contain.  What I think you mean is "may have in-scope
namespaces inherited from its ancestral context".

(Finally, the comma in "Signature element and its children, may"
is wrong and misleading assuming "Signature element and its children" 
is the subject and "may contain" is the verb.)

Thank you for considering my comments.

paul


> In addition, the Canonical XML and Canonical XML with Comments
> algorithms defines special treatment for attributes in the XML
> namespace, which can cause them to be part of the canonicalized XML
> even if they were outside of the document subset. Simple inheritable
> attributes (such as xml:lang) are inherited from nearest ancestor in
> which they are declared to the apex node of canonicalized XML unless
> they are already declared at that node. This may frustrate the intent
> of the signer to create a signature in one context which remains valid
> in another."
> 
> 
> Notice that we have
> 1) changed the term "XML namespace attributes"  to "attributes in XML
> namespace".
> 2) Used the term "inherit" rather than "import".
> 3) Mentioned that only "simple inheritable attributes" are inherited
> e.g xml:lang.  xml:id is not inherited as of  Canonical XML 1.1
> 
> These changes also make it consistent with our terminology in the
> Canonical XML specification.
> 
> This new text is present in section B.8 of the Sept 19th draft
> http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/
> 
> Pratik
> 
> -----Original Message-----
> From: Norman Walsh [mailto:ndw@nwalsh.com]
> Sent: Wednesday, September 07, 2011 8:50 AM
> To: frederick.hirsch@nokia.com
> Cc: public-xmlsec@w3.org; public-xml-core-wg@w3.org
> Subject: Re: FW: FW: Last Call for XML Signature 2.0, Canonical XML
2.0
> and XML Signature Streaming Profile of XPath 1.0 ( LC-2488)
> 
> "Grosso, Paul" <pgrosso@ptc.com> writes:
> > As I explained at
> > http://lists.w3.org/Archives/Public/public-xml-core-wg/2011Sep/0005
> > I will be offline from tomorrow through September 26, so I have
taken
> > the liberty of making a private comment (per the above cited email).
> >
> > I cannot suggest exact language, since I don't know how you want to
> > deal with attributes in the XML namespace like xml:id that probably
> > should not be "imported" (I'm not sure what "imported" means since a
> > scan of the draft indicates the use in B.8 is the only use of the
> > otherwise undefined term).
> >
> > But I'm quite sure that:
> >
> > 1.  you shouldn't use the term "XML namespace attributes" to refer
> >     to "attributes in the XML namespace", and
> >
> > 2.  you need to be clearer what "import" means and how you want to
> >     deal with at least xml:id which, I wouldn't think, you'd want
> >     to handle in the same way as things like xml:lang.
> >
> > Apologies if I am missing something obvious; if, in my absence, the
> > XML Core WG disagrees with me, their opinion overrides mine.
> 
> On the contrary, at the meeting of 7 September[1], the XML Core WG
> agreed to endorse Paul's comments as Working Group comments. Please
let
> us know if you have any further questions or concerns.
> 
>                                         Be seeing you,
>                                           norm
> 
> [1] http://lists.w3.org/Archives/Public/public-xml-core-
> wg/2011Sep/0007.html
> 
> --
> Norman Walsh
> Lead Engineer
> MarkLogic Corporation
> Phone: +1 413 624 6676
> www.marklogic.com
Received on Friday, 23 September 2011 13:53:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 23 September 2011 13:53:58 GMT