- From: Paul Cotton <Paul.Cotton@microsoft.com>
- Date: Wed, 4 Oct 2006 09:58:48 -0700
- To: "jose.kahan@w3.org" <jose.kahan@w3.org>
- CC: "public-ws-policy@w3.org" <public-ws-policy@w3.org>
The WS-Policy WG has reviewed your email and we believe the heart of the XML Core WG proposal is in the following paragraph: > You may wish to apply the procedure described in Section 2.2 of the > dsig-usage note [2] to apply a C14N/1.1 transformation. This could > help you avoid having to define an alternate xml:id attribute. The WS-Policy WG does NOT want to remove the usage of wsu:id from our specification due to the following three reasons: a) Support for wsu:id must not be removed since our charter strongly urges backwards compatibility with existing policy assertions in: "Web Services Policy should remain compatible with existing policy assertions and offer a smooth migration path for these assertions (where applicable)." b) Support for wsu:id must not be removed since it is unlikely that WS-Policy CR implementations will include support for xml:id, C14N/1.1 and/or the as yet to be started revised version of XML DSig. c) Support for wsu:id must not be removed since it is premature to normatively depend on C14N/1.1 or the dsig-usage Note since they have not yet proceeded through CR and the proposed W3C XML DSig revision work has not yet begun (although it is proposed). The WS-Policy WG is willing to add non-normative references to the C14N/1.1 WD and the dsig-usage Note as guidance to how the problems with xml:id MAY be solved. Please let us know if you agree with this disposition of your comment. /paulc For the WS-Policy WG Paul Cotton, Microsoft Canada 17 Eleanor Drive, Ottawa, Ontario K2E 6A3 Tel: (613) 225-5445 Fax: (425) 936-7329 mailto:Paul.Cotton@microsoft.com > -----Original Message----- > From: public-ws-policy-request@w3.org [mailto:public-ws-policy- > request@w3.org] On Behalf Of Jose Kahan > Sent: September 20, 2006 11:35 AM > To: public-ws-policy@w3.org > Subject: New C14N/1.1 WD and Web Services Policy 1.5 - Framework (ed. > copy) > > > Hello, > > I'm writing on behalf of the XML-Core Working Group. We'd like to bring to > your attention that we have published three C14N related documents and > welcome > review to them [1]. > > Specifically, there is a new Working Draft for C14N/1.1 that takes into > account different issues related to C14N and the evolution of XML core > technologies, including xml:id. > > In parallel, W3C is working on a charter for a new W3C Working Group that > would have task of making an editorial revision of XML Signature to make > mandatory the use of C14N/1.1, thus making it possible to correctly take > into > documents that include xml:id attributes. See the related dsig-usage note > [2] and the thread on the w3c-ietf-xmldsig mailing list [3]. > > In particular, this work should solve the problem you describe in > Section 4.2 of the recent Editor's Draft for the Web Services Policy 1.5 - > Framework [4]: > > <quote> > > /wsp:Policy/(@wsu:Id | @xml:id) > > The identity of the policy expression as an ID within the enclosing XML > document. If omitted, there is no implied value. To refer to this policy > expression, an IRI-reference MAY be formed using this value per Section > 4.2 of WS-Security [WS-Security 2004] when @wsu:Id is used. > > The use of xml:id attribute in conjunction with Canonical XML 1.0 is > inappropriate as described in Appendix C of xml:id Version 1.0 [XML ID] > and thus this combination must be avoided (see [C14N 1.0 Note]). For > example, a policy expression identified using xml:id attribute should not > be signed using XML Digital Signature when Canonical XML 1.0 is being used > as the canonicalization method. > > </quote> > > You may wish to apply the procedure described in Section 2.2 of the > dsig-usage note [2] to apply a C14N/1.1 transformation. This could help > you avoid having to define an alternate xml:id attribute. > > You can send comments related to the C14N drafts to the following > public-archived list: > > www-xml-canonicalization-comments@w3.org > > Best regards, > > -jose > > [1] > http://www.w3.org/2002/02/mid/CF83BAA719FD2C439D25CBB1C9D1D30204ABFCD3@HQ- > MAIL4.ptcnet.ptc.com > > [2] http://www.w3.org/TR/2006/WD-DSig-usage-20060915/ > > [3] > http://www.w3.org/2002/02/mid/20060918163151.GO2766@raktajino.does-not- > exist.org > > [4] > http://dev.w3.org/cvsweb/~checkout~/2006/ws/policy/ws-policy- > framework.html?content-type=text/html;charset=utf-8#Policy_Identification
Received on Wednesday, 4 October 2006 16:59:53 UTC