- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Wed, 3 Sep 2008 08:55:23 -0400
- To: ext Pratik Datta <pratik.datta@oracle.com>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, public-xmlsec@w3.org
One of the original requirements was that the canonicalized form could be retained and treated as a source document. In that case the XML has to be well-formed. However I tend to agree that perhaps we should remove the requirement that the canonicalized form be retained as a user visible document. in that case it becomes part of the internal signing process, no longer visible and is used only for digesting. regards, Frederick Frederick Hirsch Nokia (sent not as chair) On Sep 2, 2008, at 9:17 PM, ext Pratik Datta wrote: > Isn't the canonicalized output only used for digesting? And a SHA1 > digest size is always 20 bytes regardless of the input size. So > what do we benefit by reducing the XML size? > > In the streaming proposal http://lists.w3.org/Archives/Public/ > public-xmlsec/2008Sep/0000.html I have suggested that we combine > the canonicalization and the digesting for efficiency, so as the > canonicalizer emits bytes for each element, those bytes are > immediately fed to a digestor which maintains a running digest, and > at end you end up with a digest for that reference, without needing > to allocate temporary memory to store the entire canonicalization > output. > > Maybe the comment was about using canonicalization in a different > context, i.e. not for signing/verification. > > Pratik > > > Thomas Roessler wrote: >> >> On 2008-08-27 10:44:08 -0400, Frederick Hirsch wrote: >>> >>> Isn't the answer here that XML needs to remained well-formed, so no? >> If the output of Canonicalization needs to be well-formed XML, >> then the answer to the comment is indeed "no". If the requirement >> is relaxed, then the answer is probably "maybe". >>> >>> regards, Frederick Frederick Hirsch Nokia On Aug 15, 2008, at >>> 7:36 AM, ext Thomas Roessler wrote: >>>> >>>> fyi, this came in as a comment on Canonical XML. FWIW, I'll make >>>> sure that public-xmlsec-comments gets subscribed to the comment >>>> mailing lists for all the specs that we are chartered to deal >>>> with, to make it easier to follow them all. Regards, -- Thomas >>>> Roessler, W3C <tlr@w3.org> ----- Forwarded message from Amol >>>> Patil <amolspatil@gmail.com> ----- From: Amol Patil >>>> <amolspatil@gmail.com> To: www-xml-canonicalization- >>>> comments@w3.org Date: Thu, 14 Aug 2008 20:14:06 +0100 Subject: >>>> xml canonicalization - proposition - elimination of element name >>>> from end tag List-Id: <www-xml-canonicalization-comments.w3.org> >>>> X-Spam-Level: Archived-At: <http://www.w3.org/mid/ >>>> 9744f7ad0808141214w680af2dcsb443c034d57d48e3@mail.gmail.com> X- >>>> Bogosity: Ham, tests=bogofilter, spamicity=0.000000, >>>> version=1.1.6 Can xml canonicalization further be extended to >>>> eliminate the need of the name of the element in end tag / make >>>> it optional? Objective here is to reduce the size of overall xml >>>> content E.g. <RootElement> <FirstChildElement> >>>> <FirstChildOfFirstChildElement></> >>>> <SecondChildOfFirstChildElement></> </> <SecondChildElement></> >>>> </> There is a slight loss of readability here at the gain of >>>> reduced content size. Thanks ----- End forwarded message ----- >
Received on Wednesday, 3 September 2008 12:56:30 UTC