W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2002

Re: [xml-dev] canonicalization

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Mon, 01 Jul 2002 22:54:53 +0200
To: "Simon St.Laurent" <simonstl@simonstl.com>
cc: Elliotte Rusty Harold <elharo@metalab.unc.edu>, xml-dev@lists.xml.org, w3c-ietf-xmldsig@w3.org
Message-ID: <59083497.1025564093@crypto>

Hi Simon,
hi Elliotte,

I've seen the summary on the XInclude discussion on [1] where you all talk 
about the fact/'problem' that Canonical XML does not resolve XIncludes.

Just a comment on that it's not a problem for XML Signature [2]: XML 
Signature has the concept of transforms. If XInclude is important for you 
and you want to sign an 'expanded' document, simply specify an XInclude 
transform which does what you need (just a little bit out of context of the 
reference):

<ds:Transforms>
  <ds:Transform Algorithm="http://simonstl.com/#myXIncludeTransform" />
  <ds:Transform 
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
  <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" 
/>
</ds:Transforms>

If you enforce by a Transform that XIncludes are resolved, canonical XML 
does canonicalize all the included stuff.

Hope that helps,
Christian

[1] <http://weblogs.userland.com/eclectic/discuss/msgReader$369?mode=day>
[2] <http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/>
Received on Monday, 1 July 2002 16:54:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:10 UTC