RE: Plenary

Hi Martin,

I am personally OK with this approach, but I wonder how many existing
documents it will rule out signing.

For example, unless I'm misreading rfc2396, <e xmlns="string"/> is now
deprecated.  It seems ludicrous that I cannot sign well-formed document.  It
is as if it is not well-formed, which contradicts the plenary's own

I think instead that we should focus on the intent of the plenary as
manifested in Answer 4 of [1], which indicates that we should be calling
these things namespace *names*, not namespace URIs.  We want conformant
software to retain the original namespace name; we don't care about URIs.


John Boyer
Development Team Leader,
Distributed Processing and XML
PureEdge Solutions Inc.
Creating Binding E-Commerce
v: 250-479-8334, ext. 143  f: 250-479-3772
1-888-517-2675 <>

-----Original Message-----
From: Martin J. Duerst []
Sent: Monday, September 11, 2000 7:20 PM
To: John Boyer; Jonathan Marsh;
Subject: RE: C14N: Non-absolutized URIs

At 00/09/11 17:03 -0700, John Boyer wrote:
>No, the fact that XPath permits application-dependent behavior means only
>that the plenary has forced it (along with all other groups) to accept
>application-depedent behavior.
><john>Right, and as an application of XPath, we are choosing the behavior
>that is most appropriate to our application.  No matter how much the
>wants to force things on dsig, there is nothing they can do to change the
>behavior of a sha-1 hash.  We MUST have a single behavior, therefore we

No, if you follow the recommendation of the plenary (which I think you
do), then the right way is to say that relative URI's behaviour is
and that they therefore should not be used for signatures. C14N applications
may/should/must issue a warning when they find one of these when the are
used to prepare for signing.

Regards,   Martin.

Received on Tuesday, 12 September 2000 12:32:06 UTC