serialization and xml wrapping from Ari Kermaier on 2002-09-20 (xml-encryption@w3.org from September 2002)

From: Ari Kermaier <arik@phaos.com>
Date: Fri, 20 Sep 2002 16:46:21 -0400
To: "W3C XML-ENC WG List" <xml-encryption@w3.org>
Message-ID: <00a401c260e6$c6eb01f0$3401a8c0@phaosarik>

Dear All,

I'm confused about the rules for augmenting/wrapping/parsing decrypted XML
in XML Encryption and Decryption Transform. Given the example from [1]:

<!DOCTYPE Document [
  <!ENTITY dsig "http://www.w3.org/2000/09/xmldsig#">
]>
<Document xmlns="http://example.org/">
  <foo:Body xmlns:foo="http://example.org/foo">
    <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
                   Type="http://www.w3.org/2001/04/xmlenc#Element">
      ...
    </EncryptedData>
  </foo:Body>
</Document>

Where the EncryptedData element decrypts to:

<One><foo:Two/></One>

The text gives the following as the correct result:

<!DOCTYPE dummy [
  <!ENTITY dsig "http://www.w3.org/2000/09/xmldsig#">
]>
<dummy xmlns="http://example.org/"
       xmlns:foo="http://example.org/foo"><One><foo:Two/></One></dummy>

However, [2] indicates that <Foo/> parsed in the context of:

<Bar xmlns="http://example.org/bar"/>

Should be augmented to produce:

<Bar xmlns="http://example.org/bar"><Foo xmlns="" /></Bar>

Wouldn't this mean that the example from [1] should give the result as:

<!DOCTYPE dummy [
  <!ENTITY dsig "http://www.w3.org/2000/09/xmldsig#">
]>
<dummy xmlns="http://example.org/"
       xmlns:foo="http://example.org/foo"><One
xmlns=""><foo:Two/></One></dummy>

But this doesn't make sense to me, since the point of giving the parsing
context to the dummy element is to make sure that inherited namespaces *are*
transmitted to the wrapped XML.

Further: [3] indicates, for Step 2 of  decryptXML(N, E), that: "A namespace
declaration xmlns="" MUST be emitted with every apex element that has no
namespace prefix and URI as described in Serializing XML [XML-Encryption,
section 4.3.3]". Firstly, we're talking about the apex elements in a
node-set, which might include namespace nodes for the default namespace
inherited from the dummy element in prior wrapping/parsing -- this means
that an element without a namespace prefix is not necessarily without a
namespace, and emitting xmlns="" would conflict with emission of the
namespace node in the node-set.

What am I missing?

Thanks,
Ari Kermaier

-----------------
[1]  http://www.w3.org/TR/xmlenc-core/#sec-Text-Wrapping
[2]  http://www.w3.org/TR/xmlenc-core/#sec-Serializing-XML
[3]
http://www.w3.org/Encryption/2001/Drafts/xmlenc-decrypt.html#sec-xml-process
ing

Received on Friday, 20 September 2002 16:47:10 UTC