updated editor's draft from Thomas Roessler on 2007-07-26 (public-xmlsec-maintwg@w3.org from July 2007)

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 26 Jul 2007 11:10:06 -0500
To: public-xmlsec-maintwg@w3.org
Message-ID: <20070726161006.GY17655@raktajino.does-not-exist.org>
I've made changes corresponding to Paul's proposals in the latest
iteration of the editor's draft:

  XML-Signature Syntax and Processing
  Editor's Draft $Date: 2007/07/26 16:06:49 $
  http://www.w3.org/2007/xmlsec/Drafts/xmldsig-core/

Specifically:

- added "Support of the xpointer() scheme [XPointer-xpointer] beyond the
  minimal usage discussed in this section is discouraged." to the
  insert in section 4.3.3.2, where the behavior of the xpointer()
  idioms we need is defined

- Replaced the duplicate definition of these XPointers in section
  4.3.3.3 by a reference to 4.3.3.2

- Moved the definition of same-document URI references in 4.3.3.2
  out of a parenthesis into a separate paragraph.

While writing this, it occurs to me that the reference to the
xpointer() Working Draft that I meant to insert is still missing.
Doing that in a moment.
-- 
Thomas Roessler, W3C  <tlr@w3.org>





On 2007-07-18 13:14:07 -0400, Grosso, Paul wrote:
> From: "Grosso, Paul" <pgrosso@ptc.com>
> To: Thomas Roessler <tlr@w3.org>
> Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, w3c-xml-cg@w3.org,
> 	public-xmlsec-maintwg@w3.org
> Date: Wed, 18 Jul 2007 13:14:07 -0400
> Subject: RE: intent to squat on xpointer() -- normative referenceissue(ACTION-66)
> X-Spam-Level: 
> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.5
> 
>  
> 
> > -----Original Message-----
> > From: Thomas Roessler [mailto:tlr@w3.org] 
> > Sent: Wednesday, 2007 July 18 11:59
> > To: Grosso, Paul
> > Cc: Frederick Hirsch; w3c-xml-cg@w3.org; public-xmlsec-maintwg@w3.org
> > Subject: Re: intent to squat on xpointer() -- normative 
> > referenceissue(ACTION-66)
> > 
> > On 2007-07-18 12:18:08 -0400, Grosso, Paul wrote:
> 
> > > My only remaining question is whether it is the case
> > > that the spec will allow only those two forms of xpointer,
> > > or if the spec allows other forms to be supported.  Since
> > > xpointer doesn't really exist, if you can live with just
> > > #xpointer(/) and #xpointer(id('ID')), those are the only
> > > forms you should allow and the spec should make that clear.
> > 
> > The intent of the current draft is to only mention the xpointer()
> > scheme with respect to these two idioms; referencing the WD there
> > makes a lot of sense.
> > 
> > Other than that, XPointer support (generically) has been
> > capital-letters OPTIONAL in the existing recommendation, and there
> > has been no proposal to change that.  Given that (theoretically),
> > xpointer() could still move to Rec, I wonder if we should say
> > anything more?
> 
> Given the unusual circumstance we find ourselves in at
> this time--a Recommendation that normatively references
> a Working Draft--I think some (non-normative) Note 
> indicating that support of the xpointer() scheme beyond
> the minimal use discussed above is discouraged.
> 
> > 
> > > Finally, the claim that the XPointer Framework Recommendation
> > > says that the use of such an xpointer implies that comments are
> > > not preserved is false.  I assume it is due to a misreading of
> > > the Conformance section that says:
> > 
> > There's no intent to attribute that behavior to the XPointer
> > Framework rec: Rather, it's a property of XML Signature's processing
> > model for same-document references, see point 5 in section 4.3.3.3.
> > 
> >   http://www.w3.org/TR/xmldsig-core/#sec-Same-Document
> 
> Ah, my misunderstanding.  I'm glad to hear that.
> 
> However, I do think you might do some minor rewording 
> to ensure others who give the spec a quick read don't
> follow my misstep.
> 
> The last paragraph (before the examples) in section
> 4.3.3.2 The Reference Processing Model starts as follows:
> 
>  When a fragment is not preceded by a URI in the URI-Reference,
>  XML signature applications MUST support the null URI and
>  barename XPointer. We RECOMMEND support for the same-document
>  XPointers '#xpointer(/)' and '#xpointer(id('ID'))' if the
>  application also intends to support any canonicalization that
>  preserves comments. (Otherwise URI="#foo" will automatically
>  remove comments before the canonicalization can even be invoked.) 
> 
> Out of context, that does make it sound like it's the use
> of barename XPointer that causes comments to be lost.
> 
> Perhaps all you need is to augment the parenthetical phrase to:
> 
>  (Otherwise URI="#foo" will automatically remove comments before
>  the canonicalization can even be invoked due to the last step
>  in processing a same-document reference [link to #sec-Same-Document].)
> 
> paul
> 
>
Received on Thursday, 26 July 2007 16:10:10 UTC