Re: Poll on Exclusive Canonicalization from Donald E. Eastlake 3rd on 2001-06-20 (w3c-ietf-xmldsig@w3.org from April to June 2001)

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Wed, 20 Jun 2001 08:19:14 -0400
To: "Joseph M. Reagle Jr." <reagle@w3.org>
cc: "Donald E. Eastlake 3rd" <lde008@dma.isg.mot.com>, "John Boyer" <JBoyer@PureEdge.com>, "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Message-Id: <200106201219.IAA0000066082@torque.pothole.com>

Hi Joseph,

I don't understand your question.

Although it could be implemented in various ways, the exclusive
canonicalization I specified can be done, for namespaces, as a
post-processing after "CanonicalXML". Viewed that way, it says to
remove namespace declarations from the apex node if they appear to be
"unused". (There is no effect on any other output node.)

In your example below, the ns1 namespace is always used, so whether
you were canonicalizing the whole thing or just bar or just baz, the
exclusive canonicalization I specified would produce exactly the same
serialization as inclusive canonicalization.

The proposed further tweak just provides a list of prefixes that are
to be considered "used" regardless and thus not removed from the apex
node. It certainly isn't needed here.

Thanks,
Donald

From:  "Joseph M. Reagle Jr." <reagle@w3.org>
Message-Id:  <4.3.2.7.2.20010619175522.03029258@localhost>
Date:  Tue, 19 Jun 2001 18:03:11 -0400
To:  "Donald E. Eastlake 3rd" <lde008@dma.isg.mot.com>
Cc:  "John Boyer" <JBoyer@PureEdge.com>,
            "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
In-Reply-To:  <200106181846.OAA08404@noah.dma.isg.mot.com>
References:  <Your message of "Mon, 18 Jun 2001 10:17:12 EDT." <7874BFCCD289A645B5CE3935769F0B520C33F1@tigger.PureEdge.com>

>If the prefix is overloaded, how would you determine which namespace to use?
>
><?xml version="1.0" encoding="UTF-8"?>
><ns1:foo xmlns:ns1='oneThing'>
>   <ns1:bar xmlns:ns1='theOther'>
>     <ns1:baz>Frobnostication</ns1:baz>
>   </ns1:bar>
></ns1:foo>
>
>Using the closest might not be approriate given what's being ported ... I 
>suspect to go this Include/Exclude route, you need to give the 
>(prefix,namespace) pair.
>
>At 14:46 6/18/2001, Donald E. Eastlake 3rd wrote:
>>Do you have any suggestions here? Would an IncludeNS element content
>>of exclusive canonicalization algorithm elements which had an
>>attribute whose values was a list fo prefixs (NMTOKENS) that would be
>>considered used, even though their prefix did not appear to be used,
>>do the trick?  So you might have
>>   <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#excludeC14N">
>>     <IncludeNS Prefixes="foo bar etc"/>
>>   </Transform>
>
>
>
>--
>Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
>W3C Policy Analyst                mailto:reagle@w3.org
>IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
>W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
>

Received on Wednesday, 20 June 2001 08:20:06 UTC