- From: XML Security Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Thu, 13 Nov 2008 20:35:37 +0000 (GMT)
- To: public-xmlsec@w3.org
ISSUE-73: XML Schema defaults [Best Practices for XML Signature]

http://www.w3.org/2008/xmlsec/track/issues/73

Raised by: Frederick Hirsch
On product: Best Practices for XML Signature

see http://www.ietf.org/mail-archive/web/keyprov/current/msg00531.html

There is a cool feature in XML Schemas that allows you to specify default values. The not so cool side-effect is that signatures tend to break when you use this feature.

Why? When you generate XML you usually do not use a schema, you just write. The signature generation part does not know the schema either, which means that defaults are not emitted (well, that was I guess the whole point with defaults anyway).

When you parse XML under the control of a schema you get the defaults filled in. If you verify signatures on the DOM tree that may be the result of the read operation, it will fail.

That is, if you want to keep defaults you should probably add a paragraph telling the "signer" to always fill in the right ("canonicalized") data and not depend on the defaults, otherwise the "verifier" will be in trouble.

Other reference: http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2005OctDec/0017.html

Anders
Received on Thursday, 13 November 2008 20:35:45 UTC
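
The failure described in the message above can be reproduced with a digest comparison. This is an added example, not part of the original message or of any XML Signature implementation. It assumes hypothetical `KeyContainer`/`Key` element names and a constructed defaults table standing in for a schema-validating parser, and it compares SHA-256 digests of the canonical form rather than performing full signature verification.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed stand-in for schema knowledge: (element, attribute) -> default
# value, as an <xs:attribute default="..."> declaration would supply it.
# Element and attribute names are hypothetical.
SCHEMA_DEFAULTS = {("Key", "Algorithm"): "HMAC-SHA1", ("Key", "Length"): "20"}


def apply_schema_defaults(xml_text):
    """Mimic a schema-validating parser: fill in absent defaulted attributes."""
    root = ET.fromstring(xml_text)
    for elem in root.iter():
        for (tag, attr), value in SCHEMA_DEFAULTS.items():
            if elem.tag == tag and attr not in elem.attrib:
                elem.set(attr, value)
    return ET.tostring(root, encoding="unicode")


def digest(xml_text):
    """SHA-256 over the canonical form (C14N 2.0 from the standard library)."""
    canonical = ET.canonicalize(xml_text)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def verifies(signed_text):
    """True if the signing-time digest survives schema-aware parsing."""
    return digest(signed_text) == digest(apply_schema_defaults(signed_text))


# Constructed sample documents: the first omits the defaulted attributes,
# the second writes every value out, in a different attribute order.
RELIES_ON_DEFAULTS = '<KeyContainer><Key Id="k1"/></KeyContainer>'
EXPLICIT_VALUES = ('<KeyContainer><Key Length="20" Id="k1" '
                   'Algorithm="HMAC-SHA1"/></KeyContainer>')

if __name__ == "__main__":
    print("signer relied on defaults:", verifies(RELIES_ON_DEFAULTS))
    print("signer wrote all values:  ", verifies(EXPLICIT_VALUES))
```

Canonicalization absorbs the attribute reordering in the second document, but it cannot remove attributes the verifier's parser added, which is why only the document with explicit values keeps a stable digest.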