Hello all,
Attached is a new draft of the c14n spec. It addresses the readability
issues pointed out by Joseph, the character model issues pointed out by
Martin and the i18n group, and it adds a section to the appendix making it
clear that we also changed c14n from the prior work by including namespace
declarations inherited from ancestors.
There were only two behavioral changes from the prior draft. We add the
requirement that XML processors use NFC when converting non-Unicode XML
documents to the UCS character domain, as requested by the i18n group. We
also add the information on what to do if the XPath doesn't return a
node-set, which was inadvertently omitted as the result of a change to the
June 1st draft.
I will be out of the office until July 19, but I would like someone to ask
if someone in the group could explain whether we have a security risk of any
kind resulting from the seeming omission of external unparsed entities and
the corresponding notations that associate them with applications. This was
a feature of the older c14n, and it persists, but since we can place
requirements on the XML processor used to create the XPath data model, I am
wondering if we should do something about this?
Thanks,
John Boyer
Development Team Leader,
Distributed Processing and XML
PureEdge Solutions Inc. (formerly UWI.Com)
Creating Binding E-Commerce
v: 250-479-8334, ext. 143 f: 250-479-3772
1-888-517-2675 http://www.PureEdge.com
