Re: c14n/exc-c14n interop samples from Aleksey Sanin on 2002-05-31 (w3c-ietf-xmldsig@w3.org from April to June 2002)

From: Aleksey Sanin <aleksey@aleksey.com>
Date: Thu, 30 May 2002 22:24:34 -0700
To: merlin <merlin@baltimore.ie>
Cc: w3c-ietf-xmldsig@w3.org
Message-ID: <3CF70912.7040901@aleksey.com>
Hi, Merlin!

I have a question regarding your examples. You've canonicalized the second
reference as follows (c14n-1.txt):

<bar:Something xmlns:bar="http://example.org/bar" xml:lang="en-ie">
     <foo:Something xmlns:foo="http://example.org/foo">
        <bar:Something xmlns:bar="http://example.org/bar">
           <foo:Something xmlns:foo="http://example.org/foo">
             <baz:Something 
xmlns:baz="http://example.org/baz"></baz:Something>
           </foo:Something>
        </bar:Something>
     </foo:Something>
  </bar:Something>

and it seems to me that according to 
http://www.w3.org/TR/xml-c14n#SuperfluousNSDecl
the correct c14n form is the following (unnecessary namespace 
declarations are removed):

<bar:Something xmlns:bar="http://example.org/bar" xml:lang="en-ie">
     <foo:Something xmlns:foo="http://example.org/foo">
        <bar:Something>
           <foo:Something>
             <baz:Something 
xmlns:baz="http://example.org/baz"></baz:Something>
           </foo:Something>
        </bar:Something>
     </foo:Something>
  </bar:Something>



With best regards,

Aleksey Sanin
XML Security Library <http://www.aleksey.com/xmlsec>.



merlin wrote:

>Hi,
>
>Attached is a signature with 9 XPath-transformed examples
>run through c14, exc-c14n and exc-c14n with an inclusive
>namespace prefix list. The XPath transforms variously
>manipulate the namespace axis to demonstrate c14n behaviour
>in different situations. For example:
>
><foo:Root xmlns:bar="http://example.org/bar"
>          xmlns:baz="http://example.org/baz" 
>          xmlns:foo="http://example.org/foo"
>          xmlns="http://example.org/"
>          xml:lang="en-ie">
>  <bar:Something>
>     <foo:Something>
>        <bar:Something>
>           <foo:Something>
>             <baz:Something />
>           </foo:Something>
>        </bar:Something>
>     </foo:Something>
>  </bar:Something>
>  <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" ... />
></foo:Root
>
>The following XPath selects the bar:Something subtree, but
>only includes namespace nodes that are directly used by their
>parent element.
>
>  ancestor-or-self::bar:Something  and
>  (self::text()  or
>   (namespace-uri() != "")  or
>   (string(self::node()) = namespace-uri(parent::node())))
>
>I believe that the canonical form is then:
>
><bar:Something xmlns:bar="http://example.org/bar" xml:lang="en-ie">
>     <foo:Something xmlns:foo="http://example.org/foo">
>        <bar:Something xmlns:bar="http://example.org/bar">
>           <foo:Something xmlns:foo="http://example.org/foo">
>             <baz:Something xmlns:baz="http://example.org/baz"></baz:Something>
>           </foo:Something>
>        </bar:Something>
>     </foo:Something>
>  </bar:Something>
>
>And I believe that the exclusive canonical form is:
>
><bar:Something xmlns:bar="http://example.org/bar">
>     <foo:Something xmlns:foo="http://example.org/foo">
>        <bar:Something>
>           <foo:Something>
>             <baz:Something xmlns:baz="http://example.org/baz"></baz:Something>
>           </foo:Something>
>        </bar:Something>
>     </foo:Something>
>  </bar:Something>
>
>Merlin
>  
>
Received on Friday, 31 May 2002 01:23:40 UTC