- From: Elliotte Harold <elharo@metalab.unc.edu>
- Date: Mon, 24 Jan 2005 15:01:20 -0500
- To: public-xml-id@w3.org
Daniel Veillard wrote: > IMHO this should be raised as a bug in XML Canonicalization v 1.0 I'd call it a design flaw. At this point in time, I'm not sure we can get away with calling it a bug and issuing an erratum. There's a lot of software out there that depends on the correct, spec compliant functioning of canonicalization, and the stack is growing monthly. I wouldn't want to guess how many other specs and systems would fall over if we pulled the this out from under them. The whole point of canonicalization is that you get guaranteed, byte-per-byte reproducibility, and changing even one bit breaks it all. On further thought, I think the best we can do is recommend that people use exclusive XML canonicalization, and just live with multiple IDs if they use the regular form. XML Digital signatures allows alternative canonicalizations, and XML encryption requires exclusive XML canonicalization to be supported. Longer term perhaps we should to define a new canonicalization algorithm that does inherit namespace mappings, xml:base, xml:space, and xml:lang (unlike exclusive XML canonicalization) but does not inherit xml:id. This would of course have different identifying URIs for use in signature and encryption. We only run into trouble if we redefine what http://www.w3.org/TR/2001/REC-xml-c14n-20010315 and http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments mean. -- Elliotte Rusty Harold elharo@metalab.unc.edu XML in a Nutshell 3rd Edition Just Published! http://www.cafeconleche.org/books/xian3/ http://www.amazon.com/exec/obidos/ISBN=0596007647/cafeaulaitA/ref=nosim
Received on Monday, 24 January 2005 20:01:23 UTC