W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > April to June 2001

Re: signature portability / C14N / inherited namespaces

From: Rob Lugt <roblugt@elcel.com>
Date: Wed, 16 May 2001 19:13:06 +0100
Message-ID: <009a01c0de33$dae912a0$0400a8c0@scott>
To: "John Boyer" <JBoyer@PureEdge.com>, "merlin" <merlin@baltimore.ie>, <reagle@w3.org>
Cc: <w3c-ietf-xmldsig@w3.org>
> <rob> <snip/> However, if you are willing to put some onus on the
> application to be aware of the namespace context of the document
> fragment, then perhaps it would be a reasonable idea to recommend an
> extension to Canonical XML processors enabling them to take a list of
> namespace prefixes that they should not copy into the output document.
> <snip/> </rob>
>
> <john>
> Such a mechanism already exists: document subsetting.  The namespace
> axis processing only includes those namespace nodes that are both in the
> axis and in the node-set.  Thus, if the application has a particular
> blob of XML to be signed, it is assumed that the application might know
> a bit more about the namespaces at play within that blob and hence could
> construct an Xpath to keep all desired elements and attributes plus only
> those namespace nodes required.  As a result, the signature could be
> moved to other contexts since unwanted namespace nodes from the new
> context are also not kept. </john>

John, if I understand you correctly, you are saying that the application can
provide, as the first parameter to the XML processor, a nodeset where part
of the namespace axis is missing.  Does this not contradict the Canonical
XML recommendation [1].  I quote from Section 4.6:-

"Note that in document subsets, an element with omissions from its ancestral
element chain will be rendered to the canonical form with namespace
declarations that may have been made in its omitted ancestors, thus
preserving the meaning of the element."

Regards
Rob Lugt
Received on Wednesday, 16 May 2001 14:11:12 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:04 UTC