The joint IETF/W3C XML Signature Working Group
has released
a new Working Draft of
the Canonical XML specification.
Following a second Last Call Working Draft,
this fourth edition of the XPath based Canonical XML specification is attempting
"to capture the resolution of all issues" raised after the second Last Call
and is expected to move to "Candidate REC status within a few weeks".
Started by the XML Core Working Group the work
has been handed over - after the first Last Call - to the XML Signature Working Group
that relies on this specification to check if a document has been updated:
A digital signature over the canonical form of an XML document or document subset would allow the signature digest
calculations to be oblivious to changes in the original document's physical representation, provided that the changes are defined to
be logically equivalent by the XML 1.0 or Namespaces in XML.
This release that is bringing a new clarification on the role played by XPath
(speaking of XPath node-set instead of XPath expression) has also changed the
canonicalized output of namespaces declarations to reduce redundant namespaces declarations.
The document includes a limitations section showing that
Canonical XML cannot deal with documents
"logically equivalent within a given application context" and also that since
the data model relies on XPath the canonicalized output doesn't include information
about the base URI, notations and external unparsed entity references or attribute types.
The section about namespaces rewriting
also explains why rewriting namespace prefixes could
"damage [...] a document by changing its meaning" and that the namespaces
prefixes are preserved in the canonicalized output.
Related stories: