W3C home > Mailing lists > Public > xml-dist-app@w3.org > February 2002

RE: Soap Message Canonicalization (SM-C14N)

From: Andrew Layman <andrewl@microsoft.com>
Date: Sat, 16 Feb 2002 20:19:17 -0800
Message-ID: <C3729BBB6099B344834634EC67DE4AE103DA379F@red-msg-01.redmond.corp.microsoft.com>
To: "Rich Salz" <rsalz@zolera.com>, "Noah Mendelsohn" <noah_mendelsohn@us.ibm.com>
Cc: "xml-dist-app" <xml-dist-app@w3.org>
Different purposes may require different canonicalizations.  For
example, the XML Encryption and Digital Signature specification provide
for an open-ended set of possible canonicalizations.  It is more likely
that specifications such as these will provide canonicalizations
suitable to their purposes than that we will invent a single one that
fits all.

-----Original Message-----
From: Rich Salz [mailto:rsalz@zolera.com] 
Sent: Saturday, February 16, 2002 3:19 PM
To: Noah Mendelsohn
Cc: xml-dist-app
Subject: Re: Soap Message Canonicalization (SM-C14N)

I agree with you, and would like to see SOAP make guarantees about how
intermediaries must preserve the order.  Until or unless that is done,
however, SM-C14N requires a unique sorting order; if you can think of a
more streaming-friendly way to do it, I'm all ears.

> * In general, I'm not sure we've motivated a single canonicalization
> SOAP.  What are the use cases.  Allowing some freedom to
> does establish equivalence classes for soap messages, but not
> one representation for each class that's considered canonical.

I'm not sure what you mean by this.  I want to be able to canonicalize a
message so that I get the identical byte stream no matter what
conforming intermediaries do. I need the identical byte stream so that
no matter who hashes [apologies to the Grinch], and no matter when in
the processing flow they hash, all hashes are the same.

Make sense?
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Received on Saturday, 16 February 2002 23:20:20 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 22:01:18 UTC