Comments omitted, was RE: Interop Issues from John Boyer on 2000-08-24 (w3c-ietf-xmldsig@w3.org from July to September 2000)

From: John Boyer <jboyer@PureEdge.com>
Date: Thu, 24 Aug 2000 13:02:39 -0700
To: "TAMURA Kent" <kent@trl.ibm.co.jp>, "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Cc: "Joseph Reagle" <reagle@w3.org>
Message-ID: <BFEDKCINEPLBDLODCODKOEJFCEAA.jboyer@PureEdge.com>

Hi Kent,

Both the old enveloped sig transform (had it worked) and the one under the
newly proposed transform processing model would have resulted in omitted
comments.

Although the enveloped signature transform does not explicitly exclude the
comments, the <Reference URI=""> under the old system would have
canonicalized the current document to form the octet stream input for the
enveloped signature.  C14N omits comments by default.  Under the new system,
it is explicitly stated that URI="" results in a full node-set that omits
comments.

Joseph: This is exactly why the spec needed to be more specific about
comments versus no comments.  One byte of comment where it doesn't belong
and BOOM, failed reference validation.  I would therefore ask you to please
be generous in the number of changes I made that you decide to keep and/or
not substantially alter.

Thanks,
John Boyer
Development Team Leader,
Distributed Processing and XML
PureEdge Solutions Inc.
Creating Binding E-Commerce
v: 250-479-8334, ext. 143  f: 250-479-3772
1-888-517-2675   http://www.PureEdge.com <http://www.pureedge.com/>

-----Original Message-----
From: w3c-ietf-xmldsig-request@w3.org
[mailto:w3c-ietf-xmldsig-request@w3.org]On Behalf Of TAMURA Kent
Sent: Thursday, August 17, 2000 6:25 PM
To: IETF/W3C XML-DSig WG
Subject: Re: Interop Issues

In message "Re: Interop Issues"
    on 00/08/17, TAMURA Kent <kent@trl.ibm.co.jp> writes:
> As canonicalizing the SignedInfo element or serializing the
> result of enveloped-siganture transform and URI="#ID", I guess
> an element is serialized with xml: prefixed attributes in its
> ancestors because these cases are *subsets* of a document.  But
> I don't know whether comment nodes are serialized or not because
> these subsets are not defined as XPath expressions.

I had a mistake.  XPath expression for the enveloped-signature
transform is defined in the specificatoin.  Comment nodes are
serialized in the enveloped-signature transform.

--
TAMURA Kent @ Tokyo Research Laboratory, IBM

Received on Thursday, 24 August 2000 16:02:48 UTC