- From: Richard Salz <rsalz@us.ibm.com>
- Date: Thu, 8 Nov 2007 12:19:13 -0500
- To: Ed Simon <edsimon@xmlsec.com>
- Cc: public-xmlsec-maintwg@w3.org
> Namespace-specific canonicalization
> does NOT mean every namespace must have its own canonicalization
> algorithm, just that the canonicalization algorithm can be set on a
> per-namespace basis.
Yes, I know, and what I said is correct -- a generic signature processor
has to know about the namespace of everything it might see, even if it's
only a default case that says 'nothing special.'
I am also concerned about combinations; assume a b and c are bound to
three different URI's
<a:foo b:foo='somevalue '>
<c:foo/>
</a:foo>
Which c14n rule applies, and where?
The concept turns a signature from being about bytes, to being about
application semantics.
/r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/
Received on Thursday, 8 November 2007 17:19:38 UTC