Exclusive XML Canonicalization, Version 1.0
RFC 3741

Document Type RFC - Informational (March 2004; Errata)
Last updated 2015-10-14
Stream IETF
Formats plain text pdf html bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3741 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Russ Housley
IESG note The revised draft includes the changes requested by Randy Bush. It is back on the agenda to confirm that there are no further concerns.
Send notices to (None)
Network Working Group                                           J. Boyer
Request for Comments: 3741                            PureEdge Solutions
Category: Informational                                  D. Eastlake 3rd
                                                                Motorola
                                                               J. Reagle
                                                                     W3C
                                                              March 2004

              Exclusive XML Canonicalization, Version 1.0

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   Canonical XML specifies a standard serialization of XML that, when
   applied to a subdocument, includes the subdocument's ancestor context
   including all of the namespace declarations and attributes in the
   "xml:" namespace.  However, some applications require a method which,
   to the extent practical, excludes ancestor context from a
   canonicalized subdocument.  For example, one might require a digital
   signature over an XML payload (subdocument) in an XML message that
   will not break when that subdocument is removed from its original
   message and/or inserted into a different context.  This requirement
   is satisfied by Exclusive XML Canonicalization.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
       1.1.  Terminology. . . . . . . . . . . . . . . . . . . . . . .  2
       1.2.  Applications . . . . . . . . . . . . . . . . . . . . . .  4
       1.3.  Limitations. . . . . . . . . . . . . . . . . . . . . . .  5
   2.  The Need for Exclusive XML Canonicalization. . . . . . . . . .  5
       2.1.  A Simple Example . . . . . . . . . . . . . . . . . . . .  6
       2.2.  General Problems with re-Enveloping. . . . . . . . . . .  7
   3.  Specification of Exclusive XML Canonicalization. . . . . . . .  8
       3.1.  Constrained Implementation (non-normative) . . . . . . .  9
   4.  Use in XML Security. . . . . . . . . . . . . . . . . . . . . . 10
   5.  Security Considerations. . . . . . . . . . . . . . . . . . . . 12
       5.1.  Target Context . . . . . . . . . . . . . . . . . . . . . 12

Boyer, et al.                Informational                      [Page 1]
RFC 3741             Exclusive XML Canonicalization           March 2004

       5.2.  'Esoteric' Node-sets . . . . . . . . . . . . . . . . . . 13
   6.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 13
       6.1.  Normative References . . . . . . . . . . . . . . . . . . 13
       6.2.  Informative References . . . . . . . . . . . . . . . . . 14
   7.  Acknowledgements (Informative) . . . . . . . . . . . . . . . . 14
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 16

1.  Introduction

   The XML Recommendation [XML] specifies the syntax of a class of
   objects called XML documents.  The Namespaces in XML Recommendation
   [XML-NS] specifies additional syntax and semantics for XML documents.
   It is normal for XML documents and subdocuments which are equivalent
   for the purposes of many applications to differ in their physical
   representation.  For example, they may differ in their entity
   structure, attribute ordering, and character encoding.  The goal of
   this specification is to establish a method for serializing the XPath
   node-set representation of an XML document or subset such that:

      1. The node-set is minimally affected by any XML context which has
         been omitted.
      2. The canonicalization of a node-set representing well-balanced
         XML [XML-Fragment] will be unaltered by further applications of
         exclusive canonicalization.
      3. It can be determined whether two node-sets are identical except
         for transformations considered insignificant by this
         specification under [XML, XML-NS].

   An understanding of the Canonical XML Recommendation [XML-C14N] is
   required.

   The World Wide Web Consortium Recommendation corresponding to this
   RFC is at: http://www.w3.org/TR/xml-exc-c14n.  Errata are located at
   http://www.w3.org/2002/07/xml-exc-c14n-errata.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [Keywords].

   The XPath 1.0 Recommendation [XPath] defines the term node-set and
   specifies a data model for representing an input XML document as a
   set of nodes of various types (element, attribute, namespace, text,
   comment, processing instruction, and root).  The nodes are included
   in or excluded from a node-set based on the evaluation of an
Show full document text