- From: <noah_mendelsohn@us.ibm.com>
- Date: Mon, 18 Feb 2002 20:24:04 -0500
- To: rsalz@zolera.com
- Cc: xml-dist-app <xml-dist-app@w3.org>
Rich Salz writes:

>> I agree with you, and would like to see SOAP make guarantees
>> about how intermediaries must preserve the order. Until or
>> unless that is done, however, SM-C14N requires a unique sorting
>> order; if you can think of a more streaming-friendly way to do
>> it, I'm all ears.

I now see where the confusion is coming from. In fact, there is work going on right now in the protocols WG to nail down the responsibilities of an intermediary in relaying a SOAP message. While nobody can say for sure until the WG commits, I strongly suspect that the rules will be much more restrictive than you seem to be assuming. For example, I would expect (hope) that headers not processed by the intermediary would be preserved in order. So: rather than defining an elaborate canonicalization with sorting, etc., and then waiting to see what the SOAP rec says, why not first wait for the SOAP rules to crystalize?

>> > * In general, I'm not sure we've motivated a single canonicalization for
>> > SOAP. What are the use cases. Allowing some freedom to intermediaries
>> > does establish equivalence classes for soap messages, but not necessarily
>> > one representation for each class that's considered canonical.
>>
>> I'm not sure what you mean by this. I want to be able to
>> canonicalize a message so that I get the identical byte stream no
>> matter what conforming intermediaries do. I need the identical
>> byte stream so that no matter who hashes [apologies to the
>> Grinch], and no matter when in the processing flow they hash, all
>> hashes are the same.

OK, that makes sense, but my preferred model would be that SOAP intermediaries do very little to change the order or content of the message, therefore the canonicalization algorithm needed to establish equivalence between all possible forms of a relayed message becomes near trivial (e.g. strip whitespace and comments).

Of deeper concern to me is that none of this can change the fact that typical intermediaries are supposed to do things like removing headers, inserting others, etc. I can understand that one might create a canonicalization algorithm that would establish equivalence for messages passing through the rare intermediary that makes no semantic changes to the message. I'm still unsure why there's a need to sign the envelope as a whole in the typical case where intermediaries do real work. I would have thought we would need a flexible system that could sign identified combinations of header and body blocks, while ignoring other headers that are intended to change. Am I missing something?

------------------------------------------------------------------
Noah Mendelsohn                              Voice: 1-617-693-4036
IBM Corporation                                Fax: 1-617-693-8676
One Rogers Street
Cambridge, MA 02142
------------------------------------------------------------------
Received on Monday, 18 February 2002 20:37:52 UTC
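The trade-off discussed in this message, as an added example that is not part of the original email or of any SOAP specification: a digest over the whole canonicalized envelope survives whitespace changes but not an intermediary that removes and inserts headers, while digests over identified blocks do. The `id` attributes, the `urn:example:app` namespace, the sample messages and the function names are assumptions made for illustration, and Python's generic `xml.etree.ElementTree.canonicalize` stands in for any SOAP-specific canonicalization.

```python
import hashlib
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"  # SOAP 1.1 envelope namespace
APP = "urn:example:app"                             # constructed namespace

# Constructed message as the sender emits it.
SENT = f"""<env:Envelope xmlns:env="{SOAP}" xmlns:a="{APP}">
  <env:Header>
    <a:Route id="route"><a:NextHop>relay-1</a:NextHop></a:Route>
    <a:Transaction id="txn">42</a:Transaction>
  </env:Header>
  <env:Body id="body"><a:Order><a:Item>widget</a:Item></a:Order></env:Body>
</env:Envelope>"""

# Constructed message after a relay consumed Route and inserted Trace,
# leaving the blocks it did not process untouched and in order.
RELAYED = f"""<env:Envelope xmlns:env="{SOAP}" xmlns:a="{APP}">
  <env:Header>
    <a:Trace id="trace">relay-1</a:Trace>
    <a:Transaction id="txn">42</a:Transaction>
  </env:Header>
  <env:Body id="body"><a:Order><a:Item>widget</a:Item></a:Order></env:Body>
</env:Envelope>"""


def c14n(xml_text):
    # Canonical XML: comments dropped, surrounding whitespace stripped from
    # text, prefixes rewritten so the sender's prefix choice does not matter.
    return ET.canonicalize(xml_text, strip_text=True, rewrite_prefixes=True)


def envelope_digest(xml_text):
    """Digest of the whole canonicalized envelope."""
    return hashlib.sha256(c14n(xml_text).encode("utf-8")).hexdigest()


def block_digests(xml_text, block_ids):
    """Per-block digests for the header/body blocks named in block_ids."""
    root = ET.fromstring(xml_text)
    by_id = {el.get("id"): el for el in root.iter() if el.get("id")}
    digests = {}
    for block_id in block_ids:
        if block_id not in by_id:  # a signed block was removed in transit
            raise ValueError(f"signed block {block_id!r} is missing")
        el = by_id[block_id]
        el.tail = None  # whitespace after the block is not part of the block
        text = c14n(ET.tostring(el, encoding="unicode"))
        digests[block_id] = hashlib.sha256(text.encode("utf-8")).hexdigest()
    return digests


if __name__ == "__main__":
    print("envelope equal:", envelope_digest(SENT) == envelope_digest(RELAYED))
    signed = ["txn", "body"]
    print("blocks equal:  ", block_digests(SENT, signed) == block_digests(RELAYED, signed))
```
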