RE: Clarification from Dournaee, Blake on 2002-08-14 (w3c-ietf-xmldsig@w3.org from July to September 2002)

From: Dournaee, Blake <bdournaee@rsasecurity.com>
Date: Wed, 14 Aug 2002 14:44:15 -0700
To: "'Christian Geuer-Pollmann'" <geuer-pollmann@nue.et-inf.uni-siegen.de>, w3c-ietf-xmldsig@w3.org
Message-ID: <E7B6CB80230AD31185AD0008C7EBC4D2041D683F@exrsa01.rsa.com>

Thanks everyone -

The paragraph logic as written doesn't necessarily imply Christian's
conclusion. Assuming #1 and #2, #3 is not necessarily true if one were to
read the XML Signature Recommendation alone.

Is this a big deal, nope - but it could cause interop problems if
Christian's conclusion isn't followed by every implementor. We came across
this at RSA while in development of some XML Signature tools and the
question was posed to me.

My point is largely academic. I think the consensus is correct: XPointer
fragment references include all referenced child nodes with no further
qualification. It just doesn't explicitly SAY these words. Not a big deal.
Carry on :)


1. "if the URI is not a full XPointer, then delete all
    comment nodes"

2.  "Therefore to retain the default behavior of stripping
    comments when passed a node-set, they are removed in
    the last step if the URI is not a full XPointer."

3. *If* it's an XPointer, comments are not removed.

Regards.

Blake Dournaee
Senior Systems Engineer
RSA Security, Inc.
650-295-7548

"A mind all logic is like a knife all blade, it makes the hand bleed that
uses it."


-----Original Message-----
From: Christian Geuer-Pollmann
[mailto:geuer-pollmann@nue.et-inf.uni-siegen.de] 
Sent: Wednesday, August 14, 2002 12:26 PM
To: Dournaee, Blake; w3c-ietf-xmldsig@w3.org
Subject: Re: Clarification



--On Mittwoch, 14. August 2002 10:46 -0700 "Dournaee, Blake"
<bdournaee@rsasecurity.com> wrote:

>
> Hello All,
>
> I came across something that wasn't quite clear to me in the XML Signature
> Recommendation.
>
> Consider Section 4.3.3.2 in http://www.w3.org/TR/xmldsig-core/
>
> Next consider Case 1 and Case 2 below:
>
> Case 1: <Reference URI="#frag1">....</Reference>

URI="#frag1": The nodes under the element with ID-type attr with value
"frag1" without comments

<Object Id="frag1"> <hello> world </hello>  </Object>


> Case 2: <Reference URI="xpointer(id('frag1')"> ..... </Reference>
                          ^ '#' missing

URI="#xpointer(id('frag1')": The nodes under the element with ID-type attr
with value "frag1" with comments

<Object Id="frag1"> <hello> world </hello> <!-- today is cool --> </Object>

> Consider:
>
> <Object Id="frag1"> <hello> world </hello> <!-- today is cool -->
</Object>
>
>
> The spec clearly says that Case 1 should Reference a node set without
> comments, but for Case 2, it does not clearly say that comments should be
> preserved or stripped (although comment preservation is implied).
>
> Is this clear somewhere else, or am I missing something?

4.3.3.3 states:

   "if the URI is not a full XPointer, then delete all
    comment nodes"

and

   "Therefore to retain the default behavior of stripping
    comments when passed a node-set, they are removed in
    the last step if the URI is not a full XPointer."

So *if* it's an XPointer, comments are not removed.


Christian

Received on Wednesday, 14 August 2002 17:45:01 UTC