Secure XML: The New Syntax for Signatures and Encryption

9.6. Limitations of XML Canonicalization

XML canonicalization provides, where possible, a canonical form based on the XML and XML Namespace standards. That is, it strives to change all cases of the “same” XML, according to these standards, into identical sequences of octets. Of course, what is considered the “same” inherently depends on the particular application.

Ignoring such issues as changes in ancestor bindings that appear not to be used in a subdocument to be signed, consider the foo2:bar element:

<wrapper xmlns:foo2="http://example.com"
         xmlns:foo3="ftp://x.example">
  <foo2:bar attribute="value">content</foo2:bar>
</wrapper>

If the foo2:bar element and its content are signed, should we assume that foo2 is intended to always represent the ...

Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Secure XML: The New Syntax for Signatures and Encryption by Donald E. Eastlake, Kitty Niles

9.6. Limitations of XML Canonicalization

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly