[Standards-JIG] Re: The Great Encryption Debate

Ian Paterson ian.paterson at clientside.co.uk
Tue Aug 9 01:31:06 UTC 2005


> > The alternative is to require both entities to remove
> > any white-space between elements and convert the XML
> > into some canonical form.
> 
> Whitespace IS important in XML. Ideally nothing should
> touch it.

Yes it is important in XML. But (unfortunately IMHO) white-space between
elements is *not* important in XMPP. For example, the Psi client sends
line breaks between elements. The XMPP application that receives the
stanzas MUST ignore all the extra character content nodes created by a
*standard* XML parser.

RFC 3920 specifies that during TLS and SASL negotiation, an entity MUST
NOT send any white space characters as separators between elements.
JEP-0116 has similar motivations.

Can we be confident that all intermediaries (including non-XMPP
networks) will faithfully pass on white-space between elements?

> If this wasn't the case then our "message/body"s
> would be all screwy.

The proposal is only to remove white-space *between elements*.

I hope this won't be too difficult for implementors since the only XML
being canonicalized is the content of a data form and the content of an
<encrypted/> element.

- Ian




More information about the Standards mailing list