- From: Konrad Lanz <Konrad.Lanz@iaik.tugraz.at>
- Date: Wed, 25 Feb 2009 01:21:02 +0100
- To: XMLSec WG Public List <public-xmlsec@w3.org>
- Message-ID: <49A48EEE.6030902@iaik.tugraz.at>

http://www.w3.org/2007/xmlsec/Drafts/xmldsig-bestpractices/#avoid-default-schema-values

Shouldn't the last sentence rather say the following:

s/The net result being that what is verified will not be what was signed./The net result being that what is verified will not be what was signed and cause the signature to break./

Further as I mentioned before this Section deserves a note as follows, which does not necessarily have to reference SC14n:

Note: Schema Centric Canonicalization (SC14n) has been proposed to canonicalize XML with respect to an XML Schema (default values, namespace prefix desensitization, namespace attribute normalization, data-type canonicalization, data-type canonicalization). Besides the UDDI context however, ScC14n seems to be only used in MPEG-21. Otherwise - to our knowledge - it has hardly been used, nor yet as of 2008 been implemented by major vendors of XMLDSIG implementations [X].

BR Konrad

[X] http://tinyurl.com/MT-Konrad-Lanz-OASIS-DSS#nameddest=subsection.2.5.4

btw. Is there a reference somewhere in the minutes that indicates why http://www.w3.org/2008/xmlsec/track/issues/75 is closed?

Opened: 2008-11-18
Closed: 2008-12-17

Could neither find in:
http://www.w3.org/2008/12/02-xmlsec-minutes
http://www.w3.org/2008/12/09-xmlsec-minutes
http://www.w3.org/2008/12/16-xmlsec-minutes

--
Konrad Lanz, IAIK/SIC - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Tel: +43 316 873 5547
Fax: +43 316 873 5520
http://www.iaik.tugraz.at/content/about_iaik/people/lanz_konrad/
http://jce.iaik.tugraz.at/sic/products/xml_security/

Download certificate chain (including the EuroPKI root certificate):
http://ca.iaik.tugraz.at/capso/certs.jsp

Received on Wednesday, 25 February 2009 00:21:54 UTC