Updated Proposal for changes to C14N11 related to XMLSec interop feedback (original) (raw)
Glenn
Attached is a revised red-line of changes to C14N11, based on our
discussion during the XML Core F2F meeting today (I also changed the
order of bullets in 2.4 since knowledge of the changes to Remove Dot
Segments is required to perform the RFC 5.2.2 processing).
I believe we agreed that these changes should be incorporated into an
update to the C14N11 CR draft for review.
Thanks
regards, Frederick
Frederick Hirsch Nokia
On Nov 5, 2007, at 7:52 PM, Frederick Hirsch wrote:
resend with PDF
regards, Frederick
Frederick Hirsch Nokia
On Nov 5, 2007, at 6:12 PM, Frederick Hirsch wrote:
Paul, Thomas
I have put together a concrete proposed set of changes to C14N11 -
this may help with our discussion tomorrow. This is a rough draft
for discussion and has not been reviewed by the XMLSec WG.I attach a PDF red-line that attempts to implement all of our
feedback to C14N11 [1] on the C14N11 CR draft [2]. Line numbers
refer to the PDF.The rationale of the changes is as follows:
Line 11, remove text to revert C14N11 to 1.0 wording, as agreed
in first feedback itemLine 37-60 attempt to address feedback on xml:base processing
as follows2a. Wrote new brief introduction to xml:base fixup processing.
Remove redundant descriptions, as a result the text now only
refers to removed elements requiring fixup. Added parenthetical
to emphasize need for contiguous missing elements, and to
indicated how this applies to updated example.2b renamed "join URI" to "join-URI-References"
2c Added explicit warning re removal of elements vs attributes
(lines 61-64)2c moved description of join-URI-References function to follow
general xml:base fixup discussion. Minor editorial updates2c) removed reference to Appendix A, I am suggesting that Appendix
A be removed. Last bullet covers the key point at line 79-83
- Updated example for 3.8 as suggested by XMLSec. (lines 92-96)
regards, Frederick
Frederick Hirsch Nokia
[1] http://lists.w3.org/Archives/Public/www-xml-canonicalization- comments/2007Oct/0000.html
[2] http://www.w3.org/TR/2007/CR-xml-c14n11-20070621
On Oct 25, 2007, at 1:12 PM, ext Thomas Roessler wrote:
----- Forwarded message from "Grosso, Paul" <pgrosso@ptc.com> -----
From: "Grosso, Paul" <pgrosso@ptc.com> To: www-xml-canonicalization-comments@w3.org, Thomas Roessler
<tlr@w3.org> Date: Thu, 25 Oct 2007 12:59:02 -0400 Subject: Re: Interop meeting report X-Spam-Level: X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.5Thomas,
I wanted to archive this email, and I can't post directly to the XMLSEC list, so please forward this message to public-xmlsec-maintwg@w3.org.
paul
The XML Security Specifications Maintenance Working Group held an interoperability testing meeting for the XML Digital Signatures and Canonical XML 1.1 specifications in Mountain View, California, on 27 September 2007.
The XML Core WG is very appreciative of these efforts and this feedback.
The following three issues with the Canonical XML 1.1 specification were identified.
- The change back to language from C14N 1.0 that is suggested in [1] should be applied, as it matches implementation behavior.
Agreed, we will revert to 1.0 wording.
- The fix-up for the xml:base attribute that is specified in section 2.4 [2] was not implemented interoperably.
A single implementation was found to have implemented the specification's normative text correctly. Four implementations were found to be consistent with the example in section 3.8 [3]. The example in section 3.8 was found to be inconsistent with the normative text.
After discussion, there was consensus that the normative text is correct (but in need of clarification), and that the example provided in the specification is indeed incorrect.
Thank you for your clear explanation and examples. We agree with your feedback, and we have directed the editor to correct the examples and come up with improved wording.
Once we have a new draft of this section, we will share it with you for your comments.
- Appendix A was found to be complex to the point of being unimplementable.
We recommend to rewrite Appendix A in a clear and simple fashion. Where the (commendable!) aim of staying close to RFC 3986's language gets into the way of clarity or simplicity, the latter should be given priority.
Being complex to the point of being unimplementable is certainly an unfortunate situation.
However, RFC 3986 is very complicated. People have been arguing about what 2386 and 3986 really say for years, and it's unlikely to stop. It's been said that, if you think you understand this stuff and you aren't Roy Fielding, you are misleading yourself.
Given that, we are very loath to attempt to include wording that is not based on 3986 as there would be almost no guarantee that it would be correct.
If there are errors in the description in Appendix A in the C14N 1.1 CR, we certainly need to correct them. If there is a minor wording change that we can all agree maintains the correct meaning and improves its clarity, we are all for that.
But unless we can get Roy Fielding to approve it, we are very loath to replace Appendix A with a completely different algorithm.
paul for the XML Core WG
----- End forwarded message -----
<c14n11-2-4-redline.doc>
<c14n11-2-4-redline.pdf>
Attachments
- application/octet-stream attachment: c14n11-2-4-redline-v2.doc
- application/pdf attachment: c14n11-2-4-redline-v2.pdf
Received on Tuesday, 6 November 2007 16:16:10 UTC