Re: SOAP Message Canonicalization

On Friday, Jan 10, 2003, at 11:12 US/Eastern, Joseph Reagle wrote:

> On Friday 10 January 2003 10:55, Marc Hadley wrote:
>>> <Reference
>>>  URI="http://example.com/foo.html">
>>>   <Transforms>
>>>     <Transform Algorithm="http://www.w3.org/2002/11/sm-c14n"/>
>>>     <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>>   </Transforms>
>>
>> Would there be any value in specifying both a distinct transform and a
>> canonicalization algorithm ?
>
> This is what I did above... Oh, there's probably a terminology issue
> involved? A canonicalization algorithm *is* a transform. It's a 
> transform
> that's understood to create a canonical form without incidental 
> variances
> (under some applications definition of "incidental"); these particular
> types of transforms can be applied against SignedInfo as well -- while
> generic multi-step transform processes can't. So with this said, what
> exactly did you mean?
>
Sorry for the confusion, I meant specify a transform and assign it a 
URI. Then assign another URI to the combination of the transform 
specified and exclusive canonicalization as a 'new' canonicalization 
algorithm.

>>> 3. Just curious, but how much of a demand was for these application
>>> variances, particularly "0" and "false." (Would seem easier just to
>>> choose
>>> one from the outset...?)
>>
>> IIRC, the working group wanted to use the standard simple schema types
>> where possible. Even if this were fixed we would still have to
>> normalize 'defaulted' attribute values, processing instructions and
>> whitespace.
>
> But, if I understand correctly, you don't want to require schema 
> validation?
> (Otherwise, SchemaCentic c14n might be worth consideration?
>   http://www.uddi.org/pubs/SchemaCentricCanonicalization-20020710.htm
> )
>
True, there is some slight schizophrenia there ;-).

Marc.

--
Marc Hadley <marc.hadley@sun.com>
Web Technologies and Standards, Sun Microsystems.

Received on Friday, 10 January 2003 12:21:36 UTC