ISSUE-62 (schema validation): Clarify best practice related to order of schema validation and xml security processing for 2nd Edition [Best Practices for XML Signature]

http://www.w3.org/2008/xmlsec/track/issues/62

Raised by: Frederick Hirsch
On product: Best Practices for XML Signature

XML Schema validation can cause the DOM to be updated with validated values; this results in changes that can impact the output of canonicalization. Thus order matters, since we do not have schema-aware canonicalization.

Issues may also arise when signature or encrypted elements are added; with intermediary processing, encryption cannot always be undone.

Provide best practice information related to this issue.

Incorporates:

Requirement to validate xml before application processing, signature processing, thus need to read entire document before processing, thus not true streaming
http://www.w3.org/2008/xmlsec/track/issues/22

Schema not validating when enveloped signature added and not included in original doc schema
http://www.w3.org/2008/xmlsec/track/issues/33

Requirement to enable signatures on documents that do not anticipate signatures in the schema
http://www.w3.org/2008/xmlsec/track/issues/44

Effects of schema normalization on signature verification
http://www.w3.org/2008/xmlsec/track/issues/51

Received on Wednesday, 8 October 2008 15:23:30 UTC
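
The ordering problem described in the issue, as an added example that is not part of the original message or of the Best Practices document: a schema-declared attribute default is applied to the tree before the digest is recomputed, so the canonical form no longer matches what the signer digested. The schema, the instance document and the function names are constructed; `apply_schema_defaults` is a simplified stand-in for a validating parser, and SHA-256 over Python's C14N 2.0 output stands in for a Reference digest.

```python
import hashlib
import xml.etree.ElementTree as ET

XS = "{http://www.w3.org/2001/XMLSchema}"

# Constructed schema: declares a default for the "currency" attribute.
SCHEMA = """<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
  <xs:element name="payment"><xs:complexType><xs:simpleContent>
    <xs:extension base="xs:decimal">
      <xs:attribute name="currency" type="xs:string" default="USD"/>
    </xs:extension>
  </xs:simpleContent></xs:complexType></xs:element>
</xs:schema>"""

# Constructed instance document, exactly as the signer serialized it.
DOC = "<payment>100.00</payment>"


def c14n_digest(root):
    """SHA-256 over the canonical form of the tree (stand-in for a Reference digest)."""
    canonical = ET.canonicalize(ET.tostring(root, encoding="unicode"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def apply_schema_defaults(root, schema_root):
    """Simplified stand-in for a validating parser: add declared attribute defaults."""
    for decl in schema_root.iter(XS + "element"):
        defaults = {a.get("name"): a.get("default")
                    for a in decl.iter(XS + "attribute") if a.get("default") is not None}
        for el in root.iter(decl.get("name")):
            for name, value in defaults.items():
                if name not in el.attrib:
                    el.set(name, value)  # the tree now differs from the signed bytes


def digests_before_and_after():
    signed = ET.fromstring(DOC)
    before = c14n_digest(signed)                 # digest the signer computed
    received = ET.fromstring(DOC)
    apply_schema_defaults(received, ET.fromstring(SCHEMA))  # validation runs first
    after = c14n_digest(received)                # digest the verifier would compute
    return before, after, ET.tostring(received, encoding="unicode")


if __name__ == "__main__":
    before, after, augmented = digests_before_and_after()
    print(augmented)
    print("digest match:", before == after)
```

Computing the digest on the tree as parsed, before any schema-driven augmentation, gives the same value the signer produced.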