W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 2000

Re: Canonical XML typo?

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Thu, 30 Nov 2000 20:29:43 -0500
Message-Id: <200012010129.UAA05669@torque.pothole.com>
To: "Jonathan Marsh" <jmarsh@microsoft.com>
cc: <jboyer@PureEdge.com>, <w3c-ietf-xmldsig@w3.org>

I believe 2.3 below is correct but 4.6 below needs to be changed.  In
the xpath model, namespace declarations are propagated to nodes within
their scope so you need only check the nearest available ancestor.


From:  "Jonathan Marsh" <jmarsh@microsoft.com>
Date:  Thu, 30 Nov 2000 15:49:14 -0800
Message-ID:  <330564469BFEC046B84E591EB3D4D59C1621D2@red-msg-08.redmond.corp.microsoft.com>

>Apologies for missing the CR deadline - this issue just surfaced in our
>early implementation efforts.
>Section 2.3 Processing Model
>* Namespace Nodes- A namespace node N is ignored if the nearest
>[*]ancestor[*] element of the node's parent element that is in the
>node-set has a namespace node in the node-set with the same local name
>and value as N. Otherwise, process the namespace node N in the same way
>as an attribute node, except assign the local name xmlns to the default
>namespace node if it exists (in XPath, the default namespace node has an
>empty URI and local name). 
>Section 4.6 Superfluous Namespace Declarations
>Unnecessary namespace declarations are not made in the canonical form.
>Whether for an empty default namespace, a non-empty default namespace,
>or a namespace prefix binding, the XML canonicalization method omits a
>declaration if it determines that the [*]immediate parent[*] element in
>the canonical form contains an equivalent declaration.
>Given this input:
>  <foo xmlns="http://www.example.org">
>    <bar xmlns="">
>      <foo xmlns="http://www.example.org">
>        <bar xmlns="">
>          <foo xmlns="http://www.example.org">
>        </bar>
>      </foo>
>    </bar>
>  </foo>
>And a nodelist which strips the bar elements, something like:
>  //.[not(self::bar)] | //namespace::*[not(parent::bar)]
>The canonical output would appear to be:
>  <foo xmlns="http://www.example.org">
>    <foo>
>      <foo xmlns="http://www.example.org"/>
>    </foo>
>  </foo>
>(Please excuse any canonicalization errors or whitespace differences
>here that aren't germain to my point.)
>It appears that superfluous declarations can still squeak through.  In
>other words, this example is so contrived to circumvent section 2.3, by
>ensuring that no ancestor in the source document has a duplicate
>namespace node.  And 4.6 only applies to immediate parents in the output
>document, and not to ancestors, and thus applies to the first child foo,
>but not the grandchild foo.
>Should "immediate parent" in 4.6 instead be removed in favor of
>something that more closely resembled the scoping rules of the Namespace
>Jonathan Marsh
Received on Thursday, 30 November 2000 20:25:28 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:35 UTC