Re: Section

At 19:37 7/9/2001, Dournaee, Blake wrote:
>We have a question about the XML DSig spec regarding Section,
>Reference Processing Model.
>Consider the following clarification, and please let us know if this is the
>correct interpretation:
>When a same-document reference (1) or a bare fragment identifier (2) is used
>as a URI Reference,  it must be dereferenced as an XPath node-set. This 
>node-set must have ALL comments stripped from it  (e.g. equivalent to 
>passing the node-set through an arbitrary 'comment stripping' 
>transformation) before canonicalization is used. The type of 
>canonicalization used is orthogonal to the stripping of all comments.  For 
>example, comments must still be stripped even if a canonicalization method 
>that preserves comments is used.
>And finally, why must comments be stripped anyway?

I too am a little foggy on the relationship of XPointer and comments here. 
The appropriate text is:
>5. if the URI is not a full XPointer, then delete all comment nodes
>The last step is performed for null URIs, barename XPointers and child 
>sequence XPointers. To retain comments while selecting an element by an 
>identifier ID, use the following full XPointer: URI='#xpointer(id('ID'))'. 
>To retain comments while selecting the entire document, use the following 
>full XPointer: URI='#xpointer(/)'. This XPointer contains a simple XPath 
>expression that includes the root node, which the second to last step above 
>replaces with all nodes of the parse tree (all descendants, plus all 
>attributes, plus all namespaces nodes).

Since one has the option of deciding which c14n to use (the implicit without 
comments, or an explicit with comments, or an explicit without) I no longer 
remember why the XPath nodeset processing needs this final step? John?

Joseph Reagle Jr.       
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair
W3C XML Encryption Chair

Received on Friday, 27 July 2001 17:24:26 UTC