- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Fri, 5 Sep 2008 11:48:14 -0400
- To: public-ws-policy@w3.org
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>
I have recorded two new issues in Bugzilla against the Framework and Primer Recommendations - proposed errata. In both cases this includes correction of a note related to C14N11, addition of a reference for XML Signature (Second Edition), correction of the C14N11 reference and removal of [SecSpecMaintWG] reference. http://www.w3.org/Bugs/Public/show_bug.cgi?id=6029 Summary: Note on using xml:id should reference Canonical XML 1.1 and XML Signature, Second Edition Product: WS-Policy Version: PR Platform: Macintosh URL: http://www.w3.org/TR/2007/REC-ws-policy- 20070904/#Policy_Identification OS/Version: MacOS X Status: NEW Severity: normal Priority: P1 Component: Framework AssignedTo: fsasaki@w3.org ReportedBy: frederick.hirsch@nokia.com QAContact: public-ws-policy-qa@w3.org Title - Note on using xml:id should reference Canonical XML 1.1 and XML Signature, Second Edition Description/Justification Currently section 4.2, Policy Identification contains a note that use of Canonical XML 1.0 with xml:id is not appropriate. This is correct. It has an additional Note that Canonical XML 1.1 is intended to address this and that the XML Security Specifications Maintenance WG has been chartered to investigate. This is no longer accurate since Canonical XML 11 has been released as a Recommendation as has XML Signature (Second Edition). Target - framework Proposal Create Proposed Errata against Framework document. (Part 1) Replace the following text in section 4.2, Policy Identification: --- Note: Canonical XML 1.1 [C14N11] is intended to address the issues that occur with Canonical XML 1.0 with regards to xml:id. The W3C XML Security Specifications Maintenance WG has been chartered to address how to integrate Canonical XML 1.1 with XML Security, including XML Signature [SecSpecMaintWG] (See http://www.w3.org/2007/xmlsec/.) --- With the following text: --- Note that is is acceptable to sign a policy expression identified using xml:id with XML SIgnature (Second Edition) [XML-Signature-2ndEdition] and Canonical XML 1.1 [C14N11], as these recommendations address issues related to the use of xml:id and xml:base. --- (Part 2) Update the reference to C14N11 in Appendix B.2. Replace the following: --- Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Candidate Recommendation, 21 June 2007. This is a work in progress. This version is available at http://www.w3.org/TR/2007/CR-xml-c14n11-20070621. The latest version of Canonical XML 1.1 is available at http://www.w3.org/TR// xml-c14n11/. --- with Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Recommendation, 2 May 2008. This version is available at http://www.w3.org/TR/2008/REC-xml-c14n11-20080502. The latest version of Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/. --- (Part 3) Add a reference to Appendix B.2 for XML Signature (Second Edition) after the reference to [XMLSignature]: ---- [XML-Signature-2ndEdition] XML Signature Syntax and Processing, D. Eastlake, J. Reagle, D. Solo, F. Hirsch, and T. Roessler Editors. W3C Recommendation, 10 June 2008. This version of the XML Signature Syntax and Processing Recommendation is http://www.w3.org/TR/2008/REC-xmldsig- core-20080610/. The latest version of XML-Signature Syntax and Processing is available at http://www.w3.org/TR/xmldsig-core/. ---- (note removal of hyphen in title in Second Edition) --- (Part 4) Remove [SecSpecMaintWG] reference. --- http://www.w3.org/Bugs/Public/show_bug.cgi?id=6030 Summary: Note on using xml:id should reference Canonical XML 1.1 and XML Signature, Second Edition Product: WS-Policy Version: PR Platform: Macintosh URL: http://www.w3.org/TR/2007/NOTE-ws-policy-primer- 20071112/#Referencing_Policy_Expressions OS/Version: MacOS X Status: NEW Severity: normal Priority: P2 Component: Primer AssignedTo: fsasaki@w3.org ReportedBy: frederick.hirsch@nokia.com QAContact: public-ws-policy-qa@w3.org Section 2.10 Referencing Policy Expressions after example 2.16 has same issue as framework, note needs to be replaced. Description/Justification Currently Section 2.10 Referencing Policy Expressions after example 2.16 contains a note that use of Canonical XML 1.0 with xml:id is not appropriate. This is correct. It has an additional Note that Canonical XML 1.1 is intended to address this and that the XML Security Specifications Maintenance WG has been chartered to investigate. This is no longer accurate since Canonical XML 11 has been released as a Recommendation as has XML Signature (Second Edition). Target - primer Proposal Create Proposed Errata against Primer document. (Part 1) Replace the following text in Section 2.10 Referencing Policy Expressions after example 2.16: --- Note: Canonical XML 1.1 [C14N11] is intended to address the issues that occur with Canonical XML 1.0 with regards to xml:id. The W3C XML Security Specifications Maintenance WG has been chartered to address how to integrate Canonical XML 1.1 with XML Security, including XML Signature [SecSpecMaintWG] (See http://www.w3.org/2007/xmlsec/.) --- With the following text: --- Note that is is acceptable to sign a policy expression identified using xml:id with XML SIgnature (Second Edition) [XML-Signature-2ndEdition] and Canonical XML 1.1 [C14N11], as these recommendations address issues related to the use of xml:id and xml:base. --- (Part 2) Update the reference to C14N11 in Appendix C. Replace the following: --- Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Candidate Recommendation, 21 June 2007. This is a work in progress. This version is available at http://www.w3.org/TR/2007/CR-xml-c14n11-20070621. The latest version of Canonical XML 1.1 is available at http://www.w3.org/TR// xml-c14n11/. --- with Canonical XML 1.1, J. Boyer and G. Marcy Authors. W3C Recommendation, 2 May 2008. This version is available at http://www.w3.org/TR/2008/REC-xml-c14n11-20080502. The latest version of Canonical XML 1.1 is available at http://www.w3.org/TR//xml-c14n11/. --- (Part 3) Add a reference to Appendix C for XML Signature (Second Edition) : ---- [XML-Signature-2ndEdition] XML Signature Syntax and Processing, D. Eastlake, J. Reagle, D. Solo, F. Hirsch, and T. Roessler Editors. W3C Recommendation, 10 June 2008. This version of the XML Signature Syntax and Processing Recommendation is http://www.w3.org/TR/2008/REC-xmldsig- core-20080610/. The latest version of XML-Signature Syntax and Processing is available at http://www.w3.org/TR/xmldsig-core/. ---- (note removal of hyphen in title in Second Edition) --- (Part 4) Remove [SecSpecMaintWG] reference. ---- regards, Frederick Frederick Hirsch Nokia
Received on Friday, 5 September 2008 15:49:07 UTC