W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2003

Re: SOAP Message Canonicalization

From: Rich Salz <rsalz@datapower.com>
Date: Fri, 10 Jan 2003 12:40:48 -0500
Message-ID: <3E1F05A0.5000404@datapower.com>
To: Marc Hadley <marc.hadley@sun.com>
CC: Joseph Reagle <reagle@w3.org>, dee3@torque.pothole.com, w3c-xml-protocol-wg@w3.org, Martin Gudgin <mgudgin@microsoft.com>, w3c-ietf-xmldsig@w3.org

> Sorry for the confusion, I meant specify a transform and assign it a 
> URI. Then assign another URI to the combination of the transform 
> specified and exclusive canonicalization as a 'new' canonicalization 
> algorithm.

Oh he--.  This points out a slippery slope.

As it says, exclusive canonicalization is meant to address issues that 
come up when a signed message is packaged/enveloped.  Since the 
SignedInfo element itself is subject to the same package/enveloping 
issues, then one might want c14n-excl on  the SignedInfo element. But 
since you can't do arbitrary transforms, then each time you want to 
mix-and-match, you have to define a new URI that represents that 
combination.

Ugh.  Kiss interop goodbye.
	/r$
Received on Friday, 10 January 2003 12:40:49 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:16 GMT