Re: Some exc-c14n tests

I believe that your exc-c14n is missing xmlns="http://www.ietf.org" on
the e7 element.

My three c14n results are:

<e6 xmlns:a="http://www.w3.org" xmlns:foo="http://www.bar.org" test="../baz" xml:base="http://www.example.org/2002/">
       <e7 xmlns="http://www.ietf.org">
           <e8 xmlns="" a:foo="bar">
               <e9 xmlns:a="http://www.ietf.org" attr="default"></e9>
           </e8>
       </e7>
   </e6>

<e6 test="../baz">
       <e7 xmlns="http://www.ietf.org">
           <e8 xmlns="" xmlns:a="http://www.w3.org" a:foo="bar">
               <e9 attr="default"></e9>
           </e8>
       </e7>
   </e6>

<e6 xmlns:a="http://www.w3.org" test="../baz">
       <e7 xmlns="http://www.ietf.org">
           <e8 xmlns="" a:foo="bar">
               <e9 xmlns:a="http://www.ietf.org" attr="default"></e9>
           </e8>
       </e7>
   </e6>

Attached is a signature that captures these three examples; compare
with md5sum output via:
echo <message digest from reference> | \
  openssl base64 -d | hexdump -e '16/1 "%02x" "\n"'
... or something like that.

Merlin

r/reagle@w3.org/2002.01.31/11:41:47
>xmldsig makes a rather nice testing framwork for the transforms, but absent th
>at 
>here are 3 results and there resulting `| md5sum` .
>
>C14N ON e6 SUBSET
>policy: xmlsec-python> test_c14n.py -i eg3.xml -x '(//. | //@* | //namespace::
>*)[ancestor-or-self::e6]'
><e6 xmlns:a="http://www.w3.org" xmlns:foo="http://www.bar.org" test="../baz" x
>ml:base="http://www.example.org/2002/">
>       <e7 xmlns="http://www.ietf.org">
>           <e8 xmlns="" a:foo="bar">
>               <e9 xmlns:a="http://www.ietf.org" attr="default"></e9>
>           </e8>
>       </e7>
>   </e6>
>01a0569ae06ef9827afd55572b096b74
>
>EXC-C14N ON e6 SUBSET
>policy: xmlsec-python> test_c14n.py -e -i eg3.xml -x '(//. | //@* | //namespac
>e::*)[ancestor-or-self::e6]'
><e6 test="../baz">
>       <e7>
>           <e8 xmlns:a="http://www.w3.org" a:foo="bar">
>               <e9 attr="default"></e9>
>           </e8>
>       </e7>
>   </e6>
>aaddbe1fdb6122ad46af56e038bd721b
>
>EXC-C14N WITH INCLUSIVENAMESPACE PREFIXLIST="a" ON e6 SUBSET
>policy: xmlsec-python> test_c14n.py -e -p "a" -i eg3.xml -x '(//. | //@* | //n
>amespace::*)[ancestor-or-self::e6]'
><e6 xmlns:a="http://www.w3.org" test="../baz">
>       <e7>
>           <e8 a:foo="bar">
>               <e9 xmlns:a="http://www.ietf.org" attr="default"></e9>
>           </e8>
>       </e7>
>   </e6>
>f86803163965ce052a40657493ff5e69
>
>
>-- 
>
>Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
>W3C Policy Analyst                mailto:reagle@w3.org
>IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
>W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/part 2    


-----------------------------------------------------------------------------
Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
   http://www.baltimore.com

Received on Thursday, 31 January 2002 17:43:16 UTC