OASIS ebXML Messaging Services TC

Re: [ebxml-msg] Whitespace problem with XMLDSIG usage in ebMSS

  • 1.  Re: [ebxml-msg] Whitespace problem with XMLDSIG usage in ebMSS

    Posted 12-19-2001 16:08
    I agree with Rich and think his reasoning can be extended to the underlying
    problem as well.  Because the XSLT transform described doesn't come for
    free, couldn't we recommend the xml:space="preserve" attribute be set for
    the entire soap:Envelope or equivalent handling?
    
    This is probably a general disagreement with the "unreasonable to expect
    such an MSH to preserve irrelevant whitespace" point.  If we can require an
    MSH to preserve whitespace in the SignedInfo element, why not in the
    referenced signed material?
    
    I certainly agree with Sanjay it is not intuitively obvious why the existing
    canonicalization methods don't remove trivial whitespace.  That's balanced
    against our need to support receivers not using verifying parsers (also the
    "why" canonicalization works as it does) and the high cost of the
    transformation described.  Therefore, I'm recommending not adding this
    additional transform and instead requiring implementations to avoid the
    underlying problem.
    
    We'll need to discuss what "avoid the underlying problem" truly means
    because I'm not sure xml:space has been consistently implemented in the XML
    parser marketplace.  It also only requires the application layer learns of
    all whitespace in the affected elements, not inclusion of that whitespace in
    a related document created by the application layer.  In this context, the
    "application layer" is anything above the XML parser, including the SOAP
    processor, signature validator and MSH handler.
    
    By the way, the XSLT block (if we do decide to use it) seems to contain a
    typo.  Shouldn't
        <xsl:apply-templates select='@*'/>
        <xsl:apply-templates/>
    instead be
        <xsl:apply-templates select='@*'>
        </xsl:apply-templates>
    or
        <xsl:apply-templates select='@*'/>
    I'm probably misremembering something that's not intuitive about XSLT...
    
    thanx,
        doug