RE: XML Signature 2.0 Strawman Proposal from Ed Simon on 2007-11-08 (public-xmlsec-maintwg@w3.org from November 2007)

From: Ed Simon <edsimon@xmlsec.com>
Date: Thu, 8 Nov 2007 12:05:48 -0500
To: Richard Salz <rsalz@us.ibm.com>
CC: <public-xmlsec-maintwg@w3.org>, <public-xmlsec-maintwg-request@w3.org>
Message-ID: <E1IqAp8-0001ez-DN@lisa.w3.org>

XML Signature 2.0 can define a default canonicalization of one of the generic canonicalization algorithms for non-XML-Signature XML content. This will only be overridden IFF a signature profile is specified and that profile sets a different canonicalization algorithm.

There is no need for every namespace to have its own canonicalization algorithm -- they can reuse and share common canonicalization algorithms. Namespace-specific canonicalization does NOT mean every namespace must have its own canonicalization algorithm, just that the canonicalization algorithm can be set on a per-namespace basis.

Ed

-----Original Message-----
From: "Richard Salz" <rsalz@us.ibm.com>
To: "Ed Simon" <edsimon@xmlsec.com>
Cc: public-xmlsec-maintwg@w3.org; public-xmlsec-maintwg-request@w3.org
Sent: 07/11/07 11:47 PM
Subject: Re: XML Signature 2.0 Strawman Proposal

I think the canonicalization thoughts on pages 13ff are a horrible idea. 
It would require every entity verifying a signature to understand the 
semantics of every namespace it might see getting signed.
        /r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/

Received on Thursday, 8 November 2007 17:05:59 UTC