W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2000

Comments on new XPath Filtering proposal

From: Gregor Karlinger <gregor.karlinger@iaik.at>
Date: Mon, 27 Mar 2000 13:14:16 +0200
To: "John Boyer" <jboyer@PureEdge.com>, "IETF/W3C XML-DSig WG (E-mail)" <w3c-ietf-xmldsig@w3.org>
Message-ID: <NDBBIMACDKCOPBLEJCCDIECMCEAA.gregor.karlinger@iaik.at>

please find my comments on your latest proposal for the XPath Filtering
section attached to the corresponding sections below. As I am not an
XPath expert, please be patient with some of my questions ;-)

> -----Original Message-----
> From: w3c-ietf-xmldsig-request@w3.org
> [mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of John Boyer
> Sent: Friday, March 24, 2000 1:15 AM
> To: IETF/W3C XML-DSig WG (E-mail)
> Cc: Martin J. Duerst; James Clark; Joseph Reagle; Eastlake
> Donald-LDE008; TAMURA Kent; Christopher R. Maden; Jonathan Marsh; Ed
> Simon
> Subject: RE: Enveloped signatures and XPath
> Executive overview
> ==================


> <p>Based on the expression evaluation requirements of the XPath function
> library,
> the <b>document order</b> position of each node must be available in the
> parse tree,

How can I achive this with a standard DOM parser?


> <h4> XPath Transform Functions</h4>
> <p>The function library of the XPath transform includes all functions
> defined
> by the XPath specification plus the serialize() function defined
> below.  For most XPath transforms, serialize() need not be called
> explicitly
> since it is called automatically if the expression result is a node-set.
  Who makes this call? The XPath engine? How would the XPath engine
  behave if the serialize function was not defined?


> <h4 name="sec-XPathTransformOutput"> XPath Transform Output</h4>
> <p>The result of the XPath expression is a string, boolean, number, or
> node-set.
> If the result of the XPath expression is a string, then the
> string converted
> to
> UTF-8 is the output of the XPath transform. If the result is a boolean or
> number,
> then the XPath transform output is computed by calling the XPath string()
> function
> on the boolean or number then converting to UTF-8.
> If the result of the XPath expression is a node-set, then the XPath
> transform
> result is computed by applying the serialize() function to the node-set,
> then
> converting the resulting string to UTF-8.</p>

Again, is this call to the serialize() function made automatically by the
XPath engine?

I deduce the following tasks for the output transformation
from the assertions made so far, depending on the XPath expression's result:

* If result is a string, convert it to UTF-8

* If result is boolean/number, explicitely call the XPath string() function
  and then convert its result to UTF-8

* If result is a node set, the actual result of the XPath processing is
  already a string, which must be finally converted to UTF-8

Am I right?


>The node test
> returns true for all
> nodes except the <code>SignatureValue</code> and
> <code>KeyInfo</code> child
> elements and the
> and the <code>DigestValue</code> descendants of <code>Signature</code> S1.

Why omitting KeyInfo? I think this is a little bit confusing here since
KeyInfo can be made available before computing the Reference's digest.

Regards, Gregor
Gregor Karlinger
Phone +43 316 873 5541
Institute for Applied Information Processing and Communications
Received on Monday, 27 March 2000 06:15:40 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:33 UTC