- From: Pratik Datta <pratik.datta@oracle.com>
- Date: Mon, 19 Sep 2011 12:56:50 -0700 (PDT)
- To: Norman Walsh <ndw@nwalsh.com>, frederick.hirsch@nokia.com
- Cc: public-xmlsec@w3.org, public-xml-core-wg@w3.org
Paul,
How does this new text sound ?
"When serializing a Signature element or signed XML data that's the child of other elements using these data models, that Signature element and its children, may contain namespace declarations from its ancestor context. In addition, the Canonical XML and Canonical XML with Comments algorithms defines special treatment for attributes in the XML namespace, which can cause them to be part of the canonicalized XML even if they were outside of the document subset. Simple inheritable attributes (such as xml:lang) are inherited from nearest ancestor in which they are declared to the apex node of canonicalized XML unless they are already declared at that node. This may frustrate the intent of the signer to create a signature in one context which remains valid in another."
Notice that we have
1) changed the term "XML namespace attributes" to "attributes in XML namespace".
2) Used the term "inherit" rather than "import".
3) Mentioned that only "simple inheritable attributes" are inherited e.g xml:lang. xml:id is not inherited as of Canonical XML 1.1
These changes also make it consistent with our terminology in the Canonical XML specification.
This new text is present in section B.8 of the Sept 19th draft http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/
Pratik
-----Original Message-----
From: Norman Walsh [mailto:ndw@nwalsh.com]
Sent: Wednesday, September 07, 2011 8:50 AM
To: frederick.hirsch@nokia.com
Cc: public-xmlsec@w3.org; public-xml-core-wg@w3.org
Subject: Re: FW: FW: Last Call for XML Signature 2.0, Canonical XML 2.0 and XML Signature Streaming Profile of XPath 1.0 ( LC-2488)
"Grosso, Paul" <pgrosso@ptc.com> writes:
> As I explained at
> http://lists.w3.org/Archives/Public/public-xml-core-wg/2011Sep/0005
> I will be offline from tomorrow through September 26, so I have taken
> the liberty of making a private comment (per the above cited email).
>
> I cannot suggest exact language, since I don't know how you want to
> deal with attributes in the XML namespace like xml:id that probably
> should not be "imported" (I'm not sure what "imported" means since a
> scan of the draft indicates the use in B.8 is the only use of the
> otherwise undefined term).
>
> But I'm quite sure that:
>
> 1. you shouldn't use the term "XML namespace attributes" to refer
> to "attributes in the XML namespace", and
>
> 2. you need to be clearer what "import" means and how you want to
> deal with at least xml:id which, I wouldn't think, you'd want
> to handle in the same way as things like xml:lang.
>
> Apologies if I am missing something obvious; if, in my absence, the
> XML Core WG disagrees with me, their opinion overrides mine.
On the contrary, at the meeting of 7 September[1], the XML Core WG agreed to endorse Paul's comments as Working Group comments. Please let us know if you have any further questions or concerns.
Be seeing you,
norm
[1] http://lists.w3.org/Archives/Public/public-xml-core-wg/2011Sep/0007.html
--
Norman Walsh
Lead Engineer
MarkLogic Corporation
Phone: +1 413 624 6676
www.marklogic.com
Received on Monday, 19 September 2011 19:58:39 UTC