- From: Andrew Layman <andrewl@microsoft.com>
- Date: Sat, 16 Feb 2002 20:19:17 -0800
- To: "Rich Salz" <rsalz@zolera.com>, "Noah Mendelsohn" <noah_mendelsohn@us.ibm.com>
- Cc: "xml-dist-app" <xml-dist-app@w3.org>
Different purposes may require different canonicalizations. For example, the XML Encryption and Digital Signature specification provide for an open-ended set of possible canonicalizations. It is more likely that specifications such as these will provide canonicalizations suitable to their purposes than that we will invent a single one that fits all. -----Original Message----- From: Rich Salz [mailto:rsalz@zolera.com] Sent: Saturday, February 16, 2002 3:19 PM To: Noah Mendelsohn Cc: xml-dist-app Subject: Re: Soap Message Canonicalization (SM-C14N) I agree with you, and would like to see SOAP make guarantees about how intermediaries must preserve the order. Until or unless that is done, however, SM-C14N requires a unique sorting order; if you can think of a more streaming-friendly way to do it, I'm all ears. > * In general, I'm not sure we've motivated a single canonicalization for > SOAP. What are the use cases. Allowing some freedom to intermediaries > does establish equivalence classes for soap messages, but not necessarily > one representation for each class that's considered canonical. I'm not sure what you mean by this. I want to be able to canonicalize a message so that I get the identical byte stream no matter what conforming intermediaries do. I need the identical byte stream so that no matter who hashes [apologies to the Grinch], and no matter when in the processing flow they hash, all hashes are the same. Make sense? /r$ -- Zolera Systems, Securing web services (XML, SOAP, Signatures, Encryption) http://www.zolera.com
Received on Saturday, 16 February 2002 23:20:20 UTC