OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: OASIS DSS - Issue regarding canonicalization

I have comments on the text and questions about it.

1. At a minimum the syntax needs to be fixed. I propose:

If expressions (XPath-Expressions) inside XPath-Filters (or
XPath-Filters 2.0), XSLT etc. used in the chain of transforms (i.e.
<ds:Reference>/<ds:Transforms>/<ds:Transform>) are used in a way so that
they may also refer to parts of the transport protocol, they will behave
differently depending on whether the document is inside its transport
protocol or not. 

2. I am not sure what was intended by the last sentence? Perhaps:

Behavior can then also change depending on which SOAP normalizations are
used in WSS.

Or perhaps:

Behavior can then also change depending on SOAP normalizations, which
are used in WSS.

Or seeing as there is only one SOAP normalization algorithm specified:

Behavior can then also change depending on whether SOAP normalization is
used in WSS.

3. It seems to me that the issue relates to any surrounding XML context,
not merely a transport protocol.

4. I am not completely sure what the phrase "SOAP normalization" is
intended to mean. If it refers to "SOAP Version 1.2 Message
Normalization", then I would say so.

5. Is this comment also being sent to the W3C? They are the originator
of all the referenced specifications. If it is sent to the WSS TC, I
suggest it is also of interest to WS-SX TC, SS TC, XACML TC, PS TC, WS-I
BSP WG and perhaps others.

Hal

> -----Original Message-----
> From: Nick Pope [mailto:nickpope@secstan.com]
> Sent: Monday, April 24, 2006 5:06 AM
> To: Hal Lockhart
> Cc: OASIS DSS TC
> Subject: OASIS DSS - Issue regarding canonicalization
> 
> Hal,
> 
> As you are involved in both groups could you forward the attached to
the
> OASIS WSS group.
> 
> ---
> On behalf of the OASIS Digital Signature Services we bring to your
> attention
> an issue that we have found regarding the application of
Canonicalisation
> to
> XML data carried within XML transport protocols.  The problem
described in
> brief is:
> 
> If expressions (XPath-Expressions) inside XPath-Filters (or
> XPath-Filters 2.0), XSLT etc.. used in the chain of transforms (i.e.
> <ds:Reference>/<ds:Transforms>/<ds:Transform>) are used in a way so
that
> they may also refer to parts of the transport protocol will behave
> differently depending on whether the document is inside it's transport
> protocol or not. Behavior can then also change depending on SOAP
> normalizations which is used in WSS.
> 
> If you have any further or comments on this issue we would be happy to
> respond.
> 
> Nick Pope & Juan Carlos
> Co-chairs OASIS Digital Signature Services
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]