W3C home > Mailing lists > Public > public-xmlsec@w3.org > September 2009

Editorial Comments on Canonical XML 2.0

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Fri, 25 Sep 2009 16:24:47 -0400
Message-Id: <E489727E-F554-434E-B081-FB7B4C93124A@nokia.com>
To: XMLSec WG Public List <public-xmlsec@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
Some editorial comments on Canonical XML 2.0:

General comments

+ Through entire document fix references so that they are hyperlinks  
to the reference, e.g. [XML], [Names] should all be hyperlinks to the  
corresponding comment.

+ throughout replace "xml" with "XML"

+ throughout replace "XML signature" with "XML Signature"

a. Title page

Update shortname xmldsig-c14n2 (see http://lists.w3.org/Archives/Public/public-xmlsec/2009Sep/0026.html 
  )

after Glenn Marcy  affiliation put "(Version 1.1)"

b. 1.4 Requirements for 2.0

add reference links to [C14N] and [C14N11]

add reference for C14N11 to references section

c. 1.4.1 Performance

replace paragraph 1

"Canonicalization has been perceived as a performance bottleneck, and  
this is the major factor that contributes to the slowness of XML  
signature. However the C14N 1.x algorithms are only slow if one  
follows the algorithm exactly as written in the 1.x spec without any  
attempt at optimization."

with

"A major factor in performance issues noted in XML Signature is often  
C14N11 canonicalization. Canonicalization will be slow if the  
implementation uses the specification as basis without any attempt at  
optimization. This specification rectifies this problem by  
incorporating lessons learned from implementation into the  
specification."

In paragraph 2, replace "esoteric" with "edge"

Replace paragraph 3,
"C14N 1.x uses an "XPath 1.0 Nodeset" to describe a document subset -  
that is the root cause of the performance problem. This version of the  
spec does not use a nodeset at all. Also this algorithm visits each  
node exactly once, and it only visits the nodes that are being  
canonicalized."

with
"C14N 1.x uses an "XPath 1.0 Nodeset" to describe a document subset.  
This is the root cause of the performance problem and can be solved by  
not using a Nodeset.  This version of the spec does not use a  
nodeset,  visits each node exactly once, and it only visits the nodes  
that are being canonicalized."

d. 1.4.3 Robustness

s/canonicalization, but/canonicalization but/

change "This specification adds three features to improve robustness -  
a)remove leading and trailing whitespace from text nodes, b) allowing  
for qnames in content especially in the xsi:type attribute,  
c)rewriting prefixes"

to use a numbered list format, replace "features" with "techniques",  
add space after a) and c),  change "allowing" to "allow" , change  
"rewriting" to "rewrite"

e 1.4.4 Simplicity

remove "fledged"
replace "library, this" with "library. This"
replace "XML signatures" with "XML Signatures"
replace "spec" with "specification"

2.1 Data model

period needed at end of first sentence.
add reference for XPath Filter 2 at first use.


2.2 Parameters

remove bottom empty row in table

2.3 Processing

Fold lines in "canonicalizeSubtree" so they don't run off the page

2.3.3
Fold lines in "processNamespaces" so they don't run off the page

References
Add C14N11
Add XPath Filter 2.0
Add XML Signature Second Edition
Add XML Signature 2.0

Validity:
I do not think lang="" xml:lang="" is valid in the html element, maybe  
the content should be "en"

Broken links
  Line: 155 http://www.w3.org/TR/xmldsig-c14n/

  Line: 153 http://www.w3.org/TR/2009/WD-xmldsig-c14n-2009518/


regards, Frederick

Frederick Hirsch
Nokia
Received on Friday, 25 September 2009 20:26:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:59 GMT