Re: Base64

Hi Gregor,

As far as I (possibly we) understand it, schema-normalized values are
*not* exposed as part of the standard XML infoset (and thus probably
not DOM), but as part of the post schema-validation infoset, which is
an augmentation, not a replacement, of the XML infoset.

So, any canonical form for base64 should not affect signature processing.

Also, there is a proposal that schema validation be an *explicit*
transform, so the possibility of sender/recipient schema validation
conflict (defaulted values) may be reduced. Of course, this won't
really help in the case of same-document references.


>> Is [1] sufficient for your concerns about base64?
>> [1]
>The relevant point is:
>     4. what is the canonical form for base64Binary values?
>     Response: Option A: 76 characters from the base64 alphabet, then a
>     sequence; repeat as needed; last line of more than 0, less than 76
>     characters, also terminated by newline sequence.
>But I am not sure about the consequences of introducing a canonical form for
>base64Binary values: Is a schema validating parser enforced to report only
>canonical form of the value to the application?
>  * If yes, then my concerns are addressed, if the signature application is
>    ENFORCED to produce the canonical form of the digest value's base64
>    lexical representation.
>  * In the current draft of XMLDSIG, this enforcement is not established.
>    Without such an enforcement, the signature will break if the creator
>    of a signature does not produce the canonical representation, and if
>    the validator of the signature uses a validating parser.
>  * If no, my concerns are not addressed.
>Liebe Gruesse/Regards,
>DI Gregor Karlinger
>Phone +43 316 873 5541
>Institute for Applied Information Processing and Communications

Received on Thursday, 9 August 2001 08:41:58 UTC
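
The concern quoted in this message, as an added example that is not part of the original thread: the same base64Binary value in two lexical forms decodes to identical bytes, but a digest computed over the serialized characters differs once one side sees a re-wrapped canonical form. Assumptions: the newline sequence is `\n` (the quoted Option A does not name one), SHA-256 stands in for the digest algorithm, and the sample value and sender line wrapping are constructed.

```python
import base64
import hashlib
import re

LINE_LEN = 76    # line length from the quoted Option A
NEWLINE = "\n"   # assumption: the thread does not say which newline sequence


def decode_lenient(lexical: str) -> bytes:
    """Decode a base64Binary lexical form, ignoring all whitespace."""
    compact = re.sub(r"\s+", "", lexical)
    return base64.b64decode(compact, validate=True)


def canonical_base64(lexical: str) -> str:
    """Re-serialize as 76-character lines, every line newline-terminated."""
    compact = base64.b64encode(decode_lenient(lexical)).decode("ascii")
    lines = [compact[i:i + LINE_LEN] for i in range(0, len(compact), LINE_LEN)]
    return "".join(line + NEWLINE for line in lines)


def text_digest(lexical: str) -> str:
    """Digest over the characters as serialized, not over the decoded value."""
    return hashlib.sha256(lexical.encode("ascii")).hexdigest()


# Constructed sample: a 100-byte value that the sender wraps at 64 characters
# with indentation and no trailing newline (valid base64, but not canonical).
VALUE = bytes(range(100))
_b64 = base64.b64encode(VALUE).decode("ascii")
SENDER_FORM = "\n  ".join(_b64[i:i + 64] for i in range(0, len(_b64), 64))

if __name__ == "__main__":
    canon = canonical_base64(SENDER_FORM)
    print("same decoded value :", decode_lenient(canon) == decode_lenient(SENDER_FORM))
    print("same serialized text:", canon == SENDER_FORM)
    print("digest as sent      :", text_digest(SENDER_FORM))
    print("digest as normalized:", text_digest(canon))
```

A verifier that compares decoded values accepts both forms; one that hashes whatever text the parser reports only agrees with the signer if both sides see the same lexical form.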