xml-xmlbeans-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Waite <m...@akuma.org>
Subject Re: xmlbeans xml security
Date Fri, 02 Jul 2004 00:26:51 GMT

On Jul 1, 2004, at 6:00 PM, Noah Campbell wrote:

> I think we're on the same page in regards to this.  I'm having to dig
> into the specs for c14n and at least how I interrept it the prefix of
> the QName from the localpart must be preserved in the original
> document.

The full QName, prefix, namespace URI and local name must all be 

> As I understand c14n (and I'm learning volumes as I prepare to
> implement a C14NSaver) the namespace is discarded in the
> cananocialized form.  Sure the output is not xml valid, or namespace
> collisions cause a lossy form, but this is okay.  The point is not to
> have a valid doc but a representation that will be unique on a byte
> level.

The namespace definitions are always there if you canonicalize a full 
document; redundant definitions are removed. Actually, only if you do 
exclusive canonicalization on a partial document will namespaces be 
removed, and only if no attributes or elements names included in the 
canonicalized form are using them. The issue I stated below was that 
the prefix was not preserved, so elements may switch prefixes  on save 
to whichever one happens to have precedence internally. This breaks 
canonicalization, although it does not change the meaning of the 
document. It also breaks infoset fidelity (xml-infoset , sections 2.2 
and 2.3 property 3).

And I thought I was writing the C14NSaver. :) Would you like to work 

-David Waite

- ---------------------------------------------------------------------
To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/

View raw message