- From: Christopher R. Maden <crism@exemplary.net>
- Date: Thu, 16 Mar 2000 15:31:19 -0800
- To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>, <w3c-xsl-wg@w3.org>
[John Boyer] >Suppose a signature in a UTF-16 document contains a URI to an XML document >that is encoded in UTF-8. The result of the URI dereference is a UTF-8 >document, whose tag names, attributes, etc. are incomparable to the >conditions set forth in the XPath expression. Unless you convert the XPath >expression to the same encoding as the XML document, or convert the XML >document to the same encoding as the expression, then you will not be able >to evaluate the expression. This is incorrect. XML and its related specifications, including XPath, operate in the character domain, not on bytes. An XPath in a UTF-16 document can operate on an XML document stored as UTF-8 without any difficulty, because the characters represented by the byte patterns are comparable. A digital signature obviously has to choose a standard encoding (UTF-16, I assume) to sign, but this isn't an issue for XPath. I'm seeing a pattern that concerns me, that possibly the XML signature effort is focusing too closely on the bit pattern representing an XML document rather than on the document itself. I thought that the XML Recommendation made it clear that they were not the same thing; the distinction between logical and physical structures in the Rec seemed pretty complete. -Chris -- Christopher R. Maden, Solutions Architect Yomu (formerly Exemplary Technologies) One Embarcadero Center, Ste. 2405 San Francisco, CA 94111
Received on Thursday, 16 March 2000 18:26:46 UTC