This implementation report is intended to demonstrate fulfillment of the Candidate Recommendation Exit Criteria for Canonical XML 1.1:
- Test documents must have been developed with a range of usages of attributes in the XML namespace, and correct and compatible results shown for these tests by at least two implementations.
- A minimum of three months of the CR period must have elapsed.
-- Canonical XML 1.1, W3C Candidate Recommendation 21 June 2007
Canonical XML 1.1 differs from Canonical XML 1.0 in the
handling of attributes in the xml
namespace when
document subsets are canonicalized. All tests were performed
within the context of implementations of the XML Signature
specification (see
detailed description of test case setup), using an XPath
transform to identify the signed document subset, and Canonical
XML 1.1 to canonicalize it.
Testing was organized and performed by the members of the XML Security Specifications Maintenance Working Group. Five implementations participated in the testing. All five implementations submitted identical canonicalization results for all test cases. One implementation did not submit results for two of test cases.
The test cases covered the following xml
namespace attributes:
xml:lang
and xml:space are "simple
inheritable attributes" in the sense of
section 2.4, Canonical XML 1.1. They are covered by the
test cases xmllang-1 to xmllang-4 and xmlspace-1 to
xmlspace-4. See
detailed description of xml:lang test cases;
detailed description of xml:space test cases.
xml:id
is never copied to a different
element. This attribute is covered by the test cases
xmlid-1 and xmlid-2. See
detailed description of xml:id test cases.
xml:base
requires a relatively complicated
fix-up algorithm. While there was general agreement on the
desired results of that algorithm, its specification was
refined during the Candidate Recommendation phase to
improve specification clarity and address edge cases. This
refinement process happened in close coordination with the
participants in the interoperability testing.
The relevant test cases are: xmlbase-cc14n11spec-102, xmlbase-c14n11spec2-102, xmlbase-c14n11spec3-103, xmlbase-prop-1 to xmlbase-prop-7. These test cases are specifically intended to exercise those edge cases that were discovered during the Candidate Recommendation phase.
The XML Digital Signature package is bundled into IBM JREs that ship with IBM products or are downloaded for IBM systems. The XML Digital Signature package bundled into all IBM JREs at the Java 6.0 level or higher, and by special arrangement at earlier levels. It is a separate security provider, so would either need to be in the provider list in jre/lib/security/java.security or added programmatically at runtime. The C14N11 capability is currently (11 January, 2008) a technology preview that is not yet generally available.