- From: Spielman, Terence <TSpielma@inovant.com>
- Date: Mon, 10 Jun 2002 08:29:04 -0700
- To: "'w3c-ietf-xmldsig@w3.org'" <w3c-ietf-xmldsig@w3.org>
- Cc: "'reagle@w3.org'" <reagle@w3.org>
Thank you for the reply. If anyone could quickly answer the following yes/no questions as well, I would appreciate it. Based on my readings of the specs (XML, Namespaces, XMLDSIG), my answers are in square brackets. 1) Is it required that the Signature element have a namespace node with a value of "http://www.w3.org/2000/09/xmldsig#"? [No if the XML need only be well-formed and Yes otherwise] 2) Does this namespace attribute have to be declared in the Signature element itself? [No, it can be declared higher in the DOM, see example 3] 3) Is it possible to declare a non-default namespace node for the xmldsig elements prior to the Signature element? [Yes, the following is legal] e.g. <SomeElement xmlns="http://foo.com/#bar" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> .... <dsig:Signature> <dsig:SignedInfo> ... </dsig:SignedInfo> </dsig:Signature> ... </SomeElement> Thanks! Terence > -----Original Message----- > From: Joseph Reagle [mailto:reagle@w3.org] > Sent: Thursday, June 06, 2002 4:07 PM > To: Spielman, Terence > Cc: 'w3c-ietf-xmldsig@w3.org' > Subject: Re: Question on canonicalization and namespaces > > > On Thursday 06 June 2002 10:37 am, Spielman, Terence wrote: > > "Yes, the namespace attribute is present in the serialized > version of > > the SignedInfo". > > http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/#sec-Canon icalizationMethod 4.3.1 The CanonicalizationMethod Element ... The way in which the SignedInfo element is presented to the canonicalization method is dependent on that method. The following applies to algorithms which process XML as nodes or characters: * XML based canonicalization implementations MUST be provided with a [XPath] node-set originally formed from the document containing the SignedInfo and currently indicating the SignedInfo, its descendants, and the attribute and namespace nodes of SignedInfo and its descendant elements. * Text based canonicalization algorithms (such as CRLF and charset normalization) should be provided with the UTF-8 octets that represent the well-formed SignedInfo element, from the first character to the last character of the XML representation, inclusive. This includes the entire text of the start and end tags of the SignedInfo element as well as all descendant [187]markup and character data (i.e., the text) between those tags. Use of text based canonicalization of SignedInfo is NOT RECOMMENDED.
Received on Monday, 10 June 2002 11:29:12 UTC