Thanks, Scott for the clarification. Apologies Steve if I misread the question. The original Canonical XML requirements stated that the result of Canonical XML should be well-formed (section 3, number 2): http://www.w3.org/TR/1999/NOTE-xml-canonical-req-19990605 XML Security 1.1 requirements discusses the changes needed but did not change this requirement, http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs/Overview.html XML Security 2.0 modified this requirement, explicitly stating that "Canonical output need not be valid XML" (section 3.3.2.2) http://www.w3.org/2008/xmlsec/Drafts/xmlsec-reqs2/Overview.html#modified-requirements We'll have to look at this more carefully. regards, Frederick Frederick Hirsch Nokia On Sep 7, 2011, at 10:57 AM, ext Cantor, Scott wrote: > On 9/7/11 10:51 AM, "Frederick.Hirsch@nokia.com" > <Frederick.Hirsch@nokia.com> wrote: >> >> It is the job of an XML document author to produce well-formed XML >> before any considerations of signing/encryption and XML Canonicalization. >> Any required escaping happens before security processing, and there are a >> variety of choices that can be made >> for such escaping, as well as other representation of information. >> Canonical XML is agnostic to these choices. > > I think his point is that in the process of following the spec, c14n > replaces those character references with the actual characters. So I think > the result of that is non-well-formed. I can't recall if it's an explicit > guarantee of c14n that the output be well-formed. I suspect it was a goal, > but not a guarantee. If so, it's not a bug, but perhaps something to > address in 2.0. > > -- Scott >Received on Wednesday, 7 September 2011 15:09:43 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 7 September 2011 15:09:43 GMT