W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

C14N Argument

From: Dournaee, Blake <bdournaee@rsasecurity.com>
Date: Wed, 25 Jul 2001 13:46:39 -0700
Message-ID: <E7B6CB80230AD31185AD0008C7EBC4D2DAEFC6@exrsa01.rsa.com>
To: "'Joseph M. Reagle Jr.'" <reagle@w3.org>
Cc: "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org> 
Hello All,

There is something that I have been pondering about XML Signatures.
Specifically, the current Candidate Rec allows for the use of Canonical XML
as a transform in the "transformation pipeline" above and beyond the use of
C14N to convert any node-set to octets. 

Consider this Argument:

1. If a Reference is to be processed as "XML" (node-set), it will be
canonicalized implicitly when the node-set is converted to octets at the end
of the transformation pipeline. 

2. If a Reference is to be processed as octets, canonicalization is
meaningless, since we don't know what the file format is anyhow

3. C14N, when used as a part of the transformation pipeline is redundant.

Is there some exception to my argument here? What is missing?

Kind Regards,


Blake Dournaee
Toolkit Applications Engineer
RSA Security
 
"The only thing I know is that I know nothing" - Socrates
Received on Wednesday, 25 July 2001 16:47:29 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:13 GMT