- From: Pratik Datta <pratik.datta@oracle.com>
- Date: Tue, 27 Oct 2009 10:26:06 -0700
- To: Frederick Hirsch <Frederick.Hirsch@nokia.com>
- CC: XMLSec WG Public List <public-xmlsec@w3.org>
- Message-ID: <4AE72D2E.7020907@oracle.com>
I would put it like this.

Canonical XML should support the option of namespace prefix re-writing, optionally including rewriting prefixes that are embedded in the content as QNames, for example inside an xsi:type attribute. QNames embedded in xsi:type are easy to detect, but some other instances of QNames in content may be hard to detect, so prefix rewriting may break the meaning of QNames. The advantage of using prefix rewriting is to avoid attaching significance to the prefix name, because two different prefix names are considered to be semantically equivalent if the prefixes map to the same namespace URI, so they should canonicalize to the same value.

Here are the changes:

* Instead of just limiting prefix rewriting to xsi:type, I have generalized the requirement to prefixes in any content, with xsi:type being an example of it.
* I don't want to say "not guaranteed to be preserved", that is too mild, because in both the prefix rewriting schemes that we have suggested, all the prefixes are completely changed.
* I want to qualify that we are not breaking QNames in all situations, we are definitely taking care of QNames in xsi:type, which is actually the 80% use case for QNames in content.
* Mentioning "semantic equivalence" of prefixes.

Should we remove the whole "Section 4. Design" from the requirements document? All that is anyway part of the Signature 2.0 and C14N 2.0 specs now.

Pratik

Frederick Hirsch wrote:
> Here is an updated proposal to revise the requirements [1] for prefix
> normalization, taking into account xsi:type:
>
> (1) Change the section titled "Relax certain guarantees" as follows:
>
> Change section title to "Enable optional prefix rewriting" and change
> the text:
>
> "A limited revised version of Canonical XML might be one in which
> namespace prefixes are not guaranteed to be preserved, possibly
> breaking the meaning of QNames."
>
> to
>
> "Canonical XML should support the option of namespace prefix
> re-writing, optionally including rewriting within xsi:type attributes
> as well. In the case of prefix rewriting namespace prefixes are not
> guaranteed to be preserved, possibly breaking the meaning of QNames.
> The advantage of using prefix rewriting is to avoid the complexity
> and confusion with prefixes used for different namespaces in different
> subtrees. This avoids mapping issues and the need for an
> implementation to store additional information for each node. When the
> prefix rewriting option is used, the xsi:type attribute may also have
> prefix rewriting as well. "
>
> In section 4.4, "The Canonicalization Element" change #5 from
>
> "5 preservePrefixes whether the prefix name is significant. When there
> are QNames in content, prefixes are probably significant, otherwise
> they could be expanded out into URIs or converted into n1. n2, n3 etc"
>
> to
>
> "5 preservePrefixes whether the prefix name is significant. When there
> are QNames in content, prefixes are probably significant, otherwise
> they could be expanded out into URIs or converted into n1. n2, n3 etc.
> Prefixes in xsi:type attribute values can also be rewritten when
> prefix rewriting is performed if the xsiTypeAware option is set."
>
> This should close ACTION-402.
>
> regards, Frederick
>
> Frederick Hirsch
> Nokia
>
> [1] http://www.w3.org/2008/xmlsec/Drafts/transform-note/Overview.html
>
> On Oct 19, 2009, at 12:08 PM, Hirsch Frederick (Nokia-CIC/Boston) wrote:
>
>> In my absence I received an action (ACTION-402) to update the
>> requirements document for ISSUE-136.
>>
>> ISSUE-136 states: "Is normalization of prefixes a goal for 2.0 c14n"
>>
>> The 2.0 proposal supports normalization of prefixes as an option, see
>> the prefixRewrite parameter described in the Canonical XML Version 2.0
>> editors draft
>>
>> http://www.w3.org/2008/xmlsec/Drafts/c14n-20/#Canonicalization-Parameters
>>
>> That document also lists requirements, specifically:
>> [[
>>
>> 1.4.3 Robustness
>>
>> Whitespace handling was a common cause of signature breakages. XML
>> libraries allow one to "pretty print" an XML document, and most people
>> wrongly assume that the white space introduced by pretty printing will
>> be removed by canonicalization but that is not the case. This
>> specification adds three techniques to improve robustness:
>>
>> • Remove leading and trailing whitespace from text nodes,
>> • Allow for QNames in content especially in the xsi:type attribute,
>> • Rewrite prefixes
>> ]]
>>
>> To complete ACTION-402, I suggest the following requirements document
>> changes to the XML Signature Transform Simplification: Requirements
>> document
>>
>> http://www.w3.org/2008/xmlsec/Drafts/transform-note/Overview.html#id83777
>>
>> (1) Change the section titled "Relax certain guarantees" as follows:
>>
>> Change section title to "Enable optional prefix rewriting "
>> Change
>>
>> "A limited revised version of Canonical XML might be one in which
>> namespace prefixes are not guaranteed to be preserved, possibly
>> breaking the meaning of QNames."
>> to
>>
>> "Canonical XML should support the option of namespace prefix
>> re-writing. In this case namespace prefixes are not guaranteed to be
>> preserved, possibly breaking the meaning of QNames. The advantage of
>> using this option is avoiding the complexity and confusion of prefixes
>> that are used for different namespaces in different subtrees, avoiding
>> mapping issues and the need to store additional information for each
>> node for this mapping."
>>
>> regards, Frederick
>>
>> Frederick Hirsch
>> Nokia

Received on Tuesday, 27 October 2009 20:22:42 UTC
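
The behaviour discussed in this thread, as an added example that is not part of the original message or of any W3C specification text: a simplified Python sketch of prefix rewriting (not a conforming Canonical XML 2.0 implementation) that renames prefixes to n0, n1, ... and resolves QNames only in the attributes it is told about. The function name `rewrite_prefixes`, the placement of all declarations on the root element, and the sample documents are assumptions constructed for illustration.

```python
import io
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

def rewrite_prefixes(xml_text, qname_attrs=(XSI_TYPE,)):
    """Added sketch, not conforming C14N 2.0: rename prefixes n0, n1, ... by first use."""
    scopes, pending, in_scope, root = [{}], {}, {}, None
    events = ET.iterparse(io.BytesIO(xml_text.encode()), events=("start-ns", "start", "end"))
    for event, item in events:
        if event == "start-ns":                 # item is (prefix, uri)
            pending[item[0]] = item[1]
        elif event == "start":                  # record the bindings in scope here
            scopes.append({**scopes[-1], **pending})
            pending, in_scope[item] = {}, scopes[-1]
            root = item if root is None else root
        else:                                   # "end": leave the element's scope
            scopes.pop()
    assigned = {}                               # namespace URI -> rewritten prefix

    def name(clark):                            # "{uri}local" -> "nK:local"
        if not clark.startswith("{"):
            return clark
        uri, local = clark[1:].split("}", 1)
        return assigned.setdefault(uri, "n%d" % len(assigned)) + ":" + local

    def emit(el):
        tag, attrs = name(el.tag), ""
        for key, value in sorted(el.attrib.items()):
            if key in qname_attrs:              # value is known to hold a QName
                prefix, _, local = value.rpartition(":")
                uri = in_scope[el].get(prefix)
                value = name("{%s}%s" % (uri, local)) if uri else value
            attrs += " %s=%s" % (name(key), quoteattr(value))
        body = escape(el.text or "") + "".join(emit(c) + escape(c.tail or "") for c in el)
        return "<%s%s>%s</%s>" % (tag, attrs, body, tag)

    doc, head = emit(root), "<" + name(root.tag)
    # Simplification: every rewritten prefix is declared once, on the root element.
    decls = "".join(" xmlns:%s=%s" % (p, quoteattr(u)) for u, p in assigned.items())
    return head + decls + doc[len(head):]

# Constructed sample: the same document written with two different sets of prefix names.
TEMPLATE = ('<{p}:order xmlns:{p}="urn:example:po" xmlns:{t}="urn:example:types" '
            'xmlns:{x}="http://www.w3.org/2001/XMLSchema-instance"><{p}:item {x}:type="{t}:Book">'
            'Dune</{p}:item><{p}:note>{t}:Book</{p}:note></{p}:order>')
DOC_A = TEMPLATE.format(p="po", t="typ", x="xsi")
DOC_B = TEMPLATE.format(p="a", t="b", x="i")
```

`DOC_A` and `DOC_B` differ only in prefix names: after rewriting, their element names and xsi:type values agree, while the QName in the `note` element's text keeps its original prefix, which is no longer declared, so the two outputs still differ there. Passing `qname_attrs=()` leaves the xsi:type value pointing at an undeclared prefix as well.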