- From: Rob Lugt <roblugt@elcel.com>
- Date: Wed, 16 May 2001 19:13:06 +0100
- To: "John Boyer" <JBoyer@PureEdge.com>, "merlin" <merlin@baltimore.ie>, <reagle@w3.org>
- Cc: <w3c-ietf-xmldsig@w3.org>
> <rob> <snip/> However, if you are willing to put some onus on the > application to be aware of the namespace context of the document > fragment, then perhaps it would be a reasonable idea to recommend an > extension to Canonical XML processors enabling them to take a list of > namespace prefixes that they should not copy into the output document. > <snip/> </rob> > > <john> > Such a mechanism already exists: document subsetting. The namespace > axis processing only includes those namespace nodes that are both in the > axis and in the node-set. Thus, if the application has a particular > blob of XML to be signed, it is assumed that the application might know > a bit more about the namespaces at play within that blob and hence could > construct an Xpath to keep all desired elements and attributes plus only > those namespace nodes required. As a result, the signature could be > moved to other contexts since unwanted namespace nodes from the new > context are also not kept. </john> John, if I understand you correctly, you are saying that the application can provide, as the first parameter to the XML processor, a nodeset where part of the namespace axis is missing. Does this not contradict the Canonical XML recommendation [1]. I quote from Section 4.6:- "Note that in document subsets, an element with omissions from its ancestral element chain will be rendered to the canonical form with namespace declarations that may have been made in its omitted ancestors, thus preserving the meaning of the element." Regards Rob Lugt
Received on Wednesday, 16 May 2001 14:11:12 UTC