9.6. Limitations of XML Canonicalization

XML canonicalization provides, where possible, a canonical form based on the XML and XML Namespace standards. That is, it strives to change all cases of the “same” XML, according to these standards, into identical sequences of octets. Of course, what is considered the “same” inherently depends on the particular application.

Ignoring such issues as changes in ancestor bindings that appear not to be used in a subdocument to be signed, consider the foo2:bar element:

<wrapper xmlns:foo2="http://example.com"
         xmlns:foo3="ftp://x.example">
  <foo2:bar attribute="value">content</foo2:bar>
</wrapper>

If the foo2:bar element and its content are signed, should we assume that foo2 is intended to always represent the ...

Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.