santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Elliotte Rusty Harold <>
Subject Re: XMLCipher - enhancement for content encryption
Date Sat, 03 Jan 2004 21:15:39 GMT
At 9:47 PM +0100 1/3/04, Werner Dittmann wrote:
>Dims, all,
>just looked at CanonicalizerBase and did a quick test. Unfortunatly it also
>handles CDATA in a wrong way - it handles CDATA like standard Text
>nodes, i.e. C14nBase converts all special chars into Entities and serialize
>CDATA as standard text without the "[!CDATA[....]]" sequence. I don't
>know if this is by purpose or a bug.

This is correct. Canonical XML does not any include any CDATA 
sections, regardless of whether the original text uses them or not.

>I haven't looked into the C14n specs if they require CDATA to be converted
>into Text befor Signature, that is all special character like <, >, etc.
>into Entities like &lt; , &gt; .

It does.

>IMO, for encryption serialization CDATA shall be serialized as CDATA element
>without Entity conversion. Otherwise it may give problems when we first sign
>element, then encrypt it. In addition CDATA implies a  "preserve space"
>Is that true for standard Text nodes too?

CDATA sections imply no such thing. They no more or less preserve 
space than any non-CDATA section. Generally white space should be 
preserved, but CDATA sections have nothing to do with this. You seem 
to be attributing semantics properties to CDATA sections that are not 
justified by the XML specification.

   Elliotte Rusty Harold
   Effective XML (Addison-Wesley, 2003)

View raw message