W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

Re: ACTION -169: Update draft - Transform Note

From: Pratik Datta <pratik.datta@oracle.com>
Date: Sun, 01 Feb 2009 22:30:43 -0800
Message-ID: <49869313.1030009@oracle.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>

Here is a list of changes that I made

Changes that we had not discussed, or just alluded to.
1) Added details about the "sign what is seen" requirement. i.e. the 
requirement to convert the xml to a html using XSLT and decrypt transform
  a)  Section 2 bullet 4
  b) Added a new <Transforms> element in between <Selection> and 
  c) section 4.3

2) Clarified the requirements in section 3 - there are 4 bullets, and 
each is expanded out
  in detail in section 3.1 (determine what is signed), 3.2 
(performance), 3.3 (security) and 3.4 (canonicalization)
Section 3.1.1.  and 3.1.2 is new material - talks about problems in 
determining what is signed
Section 3.2.1 and 3.2.3 are also new - talks about performance problems.
Section 3.3 is also new - security- it is basically all the DoS problems 
listed in the best requirements doc. the requirement is to solve them

3) Removed Section 4, as that was overlapping with requirements and 
design.  Problems in old spec is now part of requirements.

4) Added some more properties to Section 4.4 canonicalization
 serialization="EXI/XML" , sortAttributes="true/false", 

Changes that were discussed
1) added me as an Author
2) incorporated both of Frederick's emails
3) incorporated introductory text from Scott
4) incorporated , no entity expansion in C14N from Brad
5) Section 3.4 is canonicalization - it has been removed from the 
requirements document, and placed here
    It split up into 3.4.1 historical requirements, and 3.4.2 : modified 
requirements. Modified requiremens is what we discussed in F2F

6) Split up the deisgn into a section by element
  4.2 <Selection>  4.3 <Transforms>  4.4 <Canonicalization>

Pratik Datta wrote:
> I have updated the transform notes with all the discussions that we 
> had during the Redwood City F2F.
> http://www.w3.org/2008/xmlsec/Drafts/transform-note/Overview.html
> This closes ACTION-169
Received on Monday, 2 February 2009 06:31:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:55:10 UTC