ghopp
/
server_playground
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Another abandoned server code base... this is kind of an ancestor of taskrambler.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
160 Commits
1 Branch
0 Tags
51 MiB
 
 
 
 
 
 
Tree: 2a98883031
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2a98883031'
${ noResults }
server_playground/doc/www.w3.org/TR/2003/NOTE-soap12-n11n-20031008/index.html

382 lines
19 KiB
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en"><head><META http-equiv="Content-Type" content="text/html; charset=utf-8"><title>SOAP Version 1.2 Message Normalization</title><style type="text/css">
code { font-family: monospace; }
div.constraint,
div.issue,
div.note,
div.notice { margin-left: 2em; }
dt.label { display: run-in; }
li, p { margin-top: 0.3em;
margin-bottom: 0.3em; }
.diff-chg { background-color: #e47833; }
.diff-del { background-color: red; text-decoration: line-through;}
.diff-add { background-color: lime; }
table { empty-cells: show; }
div.exampleInner pre { margin-left: 1em;
margin-top: 0em; margin-bottom: 0em}
div.exampleOuter {border: 4px double gray;
margin: 0em; padding: 0em}
div.exampleInner { background-color: #d5dee3;
border-top-width: 4px;
border-top-style: double;
border-top-color: #d3d3d3;
border-bottom-width: 4px;
border-bottom-style: double;
border-bottom-color: #d3d3d3;
padding: 4px; margin: 0em }
div.exampleWrapper { margin: 4px }
div.exampleHeader { font-weight: bold;
margin: 4px}
</style><link type="text/css" rel="stylesheet" href="http://www.w3.org/StyleSheets/TR/W3C-WG-NOTE.css"></head><body>
<div class="head"><p><a href="http://www.w3.org/"><img width="72" height="48" alt="W3C" src="http://www.w3.org/Icons/w3c_home"></a></p>
<h1>SOAP Version 1.2 Message Normalization</h1>
<h2>W3C Working Group Note 8 October 2003</h2><dl><dt>This version:</dt><dd><a href="http://www.w3.org/TR/2003/NOTE-soap12-n11n-20031008/">http://www.w3.org/TR/2003/NOTE-soap12-n11n-20031008/</a></dd><dt>Latest version:</dt><dd><a href="http://www.w3.org/TR/soap12-n11n/">http://www.w3.org/TR/soap12-n11n/</a></dd><dd><dt>Previous version:</dt><dd><a href="http://www.w3.org/TR/2003/NOTE-soap12-n11n-20030328/">http://www.w3.org/TR/2003/NOTE-soap12-n11n-20030328/</a></dd><dt>Editors:</dt>
<dd>Martin Gudgin, Microsoft</dd>
<dd>Marc Hadley, Sun Microsystems</dd>
</dl><p class="copyright"><a href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a> &copy;2003 <a href="http://www.w3.org/"><acronym title="World Wide Web Consortium">W3C</acronym></a><sup>&reg;</sup>(<a href="http://www.lcs.mit.edu/"><acronym title="Massachusetts Institute of Technology">MIT</acronym></a>, <a href="http://www.ercim.org/"><acronym title="European Research Consortium for Informatics and Mathematics">ERCIM</acronym></a>, <a href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>, <a href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>, <a href="http://www.w3.org/Consortium/Legal/copyright-documents">document use</a> and <a href="http://www.w3.org/Consortium/Legal/copyright-software">software licensing</a> rules apply.</p></div><hr><div>
<h2><a name="abstract">Abstract</a></h2>
<p>SOAP 1.2 intermediaries have some license when reserializing
messages that pass through them. This document defines a
transformation algorithm that renders all semantically equivalent SOAP
messages identically. The transformation may be used in
conjunction with an XML canonicalization algorithm prior to the
generation of a message digest in producing XML digital signatures
that are sufficiently robust to survive passage through one or
more SOAP intermediaries.</p>
</div><div>
<h2><a name="status">Status of this Document</a></h2>
<p><em>This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the <a href="http://www.w3.org/TR/">W3C technical reports index</a> at http://www.w3.org/TR/.</em></p>
<p>
Publication as a Working Group Note does not imply endorsement by
the W3C Membership. This is a draft document and may be updated,
replaced or obsoleted by other documents at any time. It is
inappropriate to cite this document as other than work in progress.
</p>
<p>This document is the work of the W3C XML Protocol Working Group,
and no more work from this Working Group is currently expected on
this document.</p>
<p>The XML Protocol Working Group is part of the <a href="http://www.w3.org/2002/ws/Activity">Web Services Activity</a>.</p>
<p>Comments on this document should be sent to the
<a href="http://lists.w3.org/Archives/Public/xml-dist-app/">
publicly archived</a> mailing list
<a href="mailto:xml-dist-app@w3.org">xml-dist-app@w3.org</a>
</p>
<p>Patent disclosures relevant to this specification may be
found on the Working Group's <a href="http://www.w3.org/2000/xp/Group/2/10/16-IPR-statements.html">patent
disclosure page</a>.</p>
</div>
<hr><div class="toc">
<h2><a name="contents">Table of Contents</a></h2><p class="toc">1. <a href="#intro">Introduction</a><br>&nbsp;&nbsp;&nbsp;&nbsp;1.1 <a href="#notation">Notational Conventions</a><br>2. <a href="#N100D6">The Need for SOAP Message Normalization</a><br>&nbsp;&nbsp;&nbsp;&nbsp;2.1 <a href="#N100DB">A Simple Example</a><br>3. <a href="#N10103">Specification of SOAP Message Normalization</a><br>4. <a href="#N101B1">Use in XML Security</a><br>5. <a href="#refs">References</a><br>&nbsp;&nbsp;&nbsp;&nbsp;5.1 <a href="#normrefs">Normative References</a><br>&nbsp;&nbsp;&nbsp;&nbsp;5.2 <a href="#nonnormrefs">Informative References</a><br></p>
<h3><a id="appendix" name="appendix">Appendices</a></h3><p class="toc">A. <a href="#xsltimpl">XSLT Implementation</a> (Non-Normative)<br>B. <a href="#acks">Acknowledgements</a> (Non-Normative)<br></p></div><hr><div class="body">
<div class="div1">
<h2><a name="intro"></a>1. Introduction</h2>
<p>SOAP 1.2 <a href="#SOAP-PART1">[SOAP Part1]</a> intermediaries have some
license when reserializing messages that pass through them.
Current XML canonicalizations (see <a href="#XMLC14N">[XML C14N]</a> and
<a href="#EXCLC14N">[EXCL C14N]</a>) do not take into account the transforms
that a SOAP intermediary can legally apply to messages passing
through it. This document defines a transformation that renders all
semantically equivalent SOAP messages identically. This
transformation may be used in conjunction with an XML
canonicalization algorithm prior to the generation of a message
digest in producing XML digital signatures that are sufficiently
robust to survive passage through one or more SOAP
intermediaries.</p>
<div class="div2">
<h3><a name="notation"></a>1.1 Notational Conventions</h3>
<p>The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described
in <a href="#RFC2119">[RFC 2119]</a>.</p>
<p>This note uses a number of namespace prefixes
throughout; they are listed in <a href="#tabnsprefixes"><b>Table 1</b></a>.
Note that the choice of any namespace prefix is arbitrary and
not semantically significant (see <a href="#XMLInfoSet">[XML InfoSet]</a>).</p>
<a name="tabnsprefixes"></a><table border="1">
<caption>Table 1: Prefixes and Namespaces used in this specification.</caption>
<tbody>
<tr>
<th rowspan="1" colspan="1">Prefix</th>
<th rowspan="1" colspan="1">Namespace</th>
<th rowspan="1" colspan="1">Notes</th>
</tr>
<tr>
<td rowspan="1" colspan="1">env</td>
<td rowspan="1" colspan="1">"http://www.w3.org/2003/05/soap-envelope"</td>
<td rowspan="1" colspan="1">A normative XML Schema <a href="#XMLSchemaP1">[XML Schema Part1]</a>,
<a href="#XMLSchemaP2">[XML Schema Part2]</a> document for the
"http://www.w3.org/2003/05/soap-envelope"
namespace can be found at <a href="http://www.w3.org/2003/05/soap-envelope">http://www.w3.org/2003/05/soap-envelope</a>.</td>
</tr>
</tbody>
</table>
<p>Namespace names of the general form
"http://example.org/..." and
"http://example.com/..." represent application or
context-dependent URIs (see <a href="#RFC2396">[RFC 2396]</a>).</p>
<p>All parts of this note are normative, with the exception of
examples and sections explicitly marked as "Non-Normative".</p>
</div>
</div>
<div class="div1">
<h2><a name="N100D6"></a>2. The Need for SOAP Message Normalization</h2>
<div class="div2">
<h3><a name="N100DB"></a>2.1 A Simple Example</h3>
<p>As a simple example of the kind of problem a SOAP
intermediary can cause for an XML signature, consider the
following SOAP message:</p>
<div class="exampleOuter">
<div class="exampleHead">Example 1: SOAP message containing a SOAP header block and a SOAP body</div>
<div class="exampleInner"><pre>&lt;env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;env:Header&gt;
&lt;n:alertcontrol env:mustUnderstand="false"
xmlns:n="http://example.org/alertcontrol"&gt;
&lt;n:priority&gt;1&lt;/n:priority&gt;
&lt;n:expires&gt;2001-06-22T14:00:00-05:00&lt;/n:expires&gt;
&lt;/n:alertcontrol&gt;
&lt;/env:Header&gt;
&lt;env:Body&gt;
&lt;m:alert xmlns:m="http://example.org/alert"&gt;
&lt;m:msg&gt;Pick up Mary at school at 2pm&lt;/m:msg&gt;
&lt;/m:alert&gt;
&lt;/env:Body&gt;
&lt;/env:Envelope&gt;</pre></div></div>
<p>A SOAP intermediary is at liberty to remove the
<code>env:mustUnderstand</code> attribute from SOAP header blocks
when its value is "false" or "0".
If the message included a signature of the header block
generated using XML Canonicalization <a href="#XMLC14N">[XML C14N]</a> or
Exclusive XML Canonicalization <a href="#EXCLC14N">[EXCL C14N]</a> then
that signature would be invalidated if the intermediary removed
the <code>mustUnderstand</code> attribute. There is therefore a
requirement for a transformation that takes into account the
variations that a SOAP intermediary can introduce. SOAP Message
Normalization fulfils this requirement.</p>
</div>
</div>
<div class="div1">
<h2><a name="N10103"></a>3. Specification of SOAP Message Normalization</h2>
<p>SOAP Message Normalization is specified as an XML infoset
transformation and consists of the following steps:</p>
<ul>
<li><p>A SOAP <code>Header</code> element information
item that has no child element information items is
removed.</p></li>
<li>
<p>If a SOAP <code>Header</code> element information
item is present then for each child element information item
of the SOAP <code>Header</code> element information item:</p>
<ul>
<li><p>If the SOAP <code>mustUnderstand</code> attribute
information item is present with a value of
"0" or "false" then remove the
<code>mustUnderstand</code> attribute information
item.</p></li>
<li><p>If the SOAP <code>mustUnderstand</code> attribute
information item is present with a value of
"1" then change its value to
"true".</p></li>
<li><p>If the SOAP <code>role</code> attribute information
item is present with a value of
"http://www.w3.org/2003/05/soap-envelope/role/
ultimateReceiver" or "" then remove
the <code>role</code> attribute information item.</p></li>
<li><p>If the SOAP <code>relay</code> attribute
information item is present with a value of
"0" or "false" then remove the
<code>relay</code> attribute information
item.</p></li>
<li><p>If the SOAP <code>relay</code> attribute
information item is present with a value of
"1" then change its value to
"true".</p></li>
</ul>
</li>
<li><p>Processing instruction information items that are
children of the SOAP <code>Envelope</code> , <code>Header</code> ,
<code>Fault</code> , <code>Code</code> , <code>Subcode</code> , <code>Value</code> ,
<code>Reason</code> , <code>Text</code> , <code>Node</code> and <code>Role</code>
element information items are removed.</p></li>
<li><p>Whitespace character information items that are
children of the SOAP <code>Envelope</code> , <code>Header</code> ,
<code>Fault</code> , <code>Code</code> , <code>Subcode</code> , <code>Value</code> ,
<code>Reason</code> , <code>Node</code> and <code>Role</code> element
information items are removed.</p></li>
</ul>
</div>
<div class="div1">
<h2><a name="N101B1"></a>4. Use in XML Security</h2>
<p>SOAP Message Normalization may be used as a <code>Transform</code>
algorithm in XML Digital Signature <a href="#XMLDSIG">[XML DSig]</a>. Use of
a separate <code>CanonicalizationMethod</code> such as XML
Canonicalization <a href="#XMLC14N">[XML C14N]</a> or Exclusive XML
Canonicalization <a href="#EXCLC14N">[EXCL C14N]</a> is required. SOAP
Message Normalization is identified with the following URI:</p>
<ul>
<li><p>"http://www.w3.org/2003/10/soap12-n11n"</p></li>
</ul>
</div>
<div class="div1">
<h2><a name="refs"></a>5. References</h2>
<div class="div2">
<h3><a name="normrefs"></a>5.1 Normative References</h3>
<dl>
<dt class="label"><a name="SOAP-PART1"></a>[SOAP Part1] </dt><dd>W3C Recommendation "SOAP
Version 1.2 Part 1: Messaging Framework", Martin Gudgin, Marc
Hadley, Noah Mendelsohn, Jean-Jacques Moreau, Henrik Frystyk Nielsen, 24 June 2003. (See <a href="http://www.w3.org/TR/2003/REC-soap12-part1-20030624/">http://www.w3.org/TR/2003/REC-soap12-part1-20030624/</a>.)</dd>
<dt class="label"><a name="RFC2119"></a>[RFC 2119] </dt><dd>IETF "RFC 2119: Key
words for use in RFCs to Indicate Requirement Levels", S.
Bradner, March 1997. (See <a href="http://www.ietf.org/rfc/rfc2119.txt">http://www.ietf.org/rfc/rfc2119.txt</a>.)</dd>
<dt class="label"><a name="RFC2396"></a>[RFC 2396] </dt><dd>IETF "RFC 2396:
Uniform Resource Identifiers (URI): Generic Syntax", T.
Berners-Lee, R. Fielding, L. Masinter, August 1998. (See <a href="http://www.ietf.org/rfc/rfc2396.txt">http://www.ietf.org/rfc/rfc2396.txt</a>.)</dd>
<dt class="label"><a name="XMLSchemaP1"></a>[XML Schema Part1] </dt><dd>W3C
Recommendation "XML Schema Part 1: Structures", Henry S.
Thompson, David Beech, Murray Maloney, Noah Mendelsohn, 2 May
2001. (See <a href="http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/">http://www.w3.org/TR/2001/REC-xmlschema-1-20010502/</a>.)</dd>
<dt class="label"><a name="XMLSchemaP2"></a>[XML Schema Part2] </dt><dd>W3C
Recommendation "XML Schema Part 2: Datatypes", Paul V. Biron,
Ashok Malhotra, 2 May 2001. (See <a href="http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/">http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/</a>.)</dd>
<dt class="label"><a name="XMLNS"></a>[Namespaces in XML] </dt><dd>W3C Recommendation "Namespaces in XML", Tim Bray,
Dave Hollander, Andrew Layman, 14 January 1999. (See <a href="http://www.w3.org/TR/1999/REC-xml-names-19990114/">http://www.w3.org/TR/1999/REC-xml-names-19990114/</a>.)</dd>
<dt class="label"><a name="XML"></a>[XML 1.0] </dt><dd>W3C
Recommendation "Extensible Markup Language (XML) 1.0 (Second
Edition)", Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Eve
Maler, 6 October 2000. (See <a href="http://www.w3.org/TR/2000/REC-xml-20001006">http://www.w3.org/TR/2000/REC-xml-20001006</a>.)</dd>
<dt class="label"><a name="XMLInfoSet"></a>[XML InfoSet] </dt><dd>W3C
Recommendation "XML Information Set", John Cowan, Richard Tobin,
24 October 2001. (See <a href="http://www.w3.org/TR/2001/REC-xml-infoset-20011024/">http://www.w3.org/TR/2001/REC-xml-infoset-20011024/</a>.)</dd>
<dt class="label"><a name="XMLC14N"></a>[XML C14N] </dt><dd>W3C
Recommendation "Canonical XML", John Boyer,
15 March 2001. (See <a href="http://www.w3.org/TR/xml-c14n">http://www.w3.org/TR/xml-c14n</a>.)</dd>
<dt class="label"><a name="EXCLC14N"></a>[EXCL C14N] </dt><dd>W3C
Recommendation "Exclusive Canonical XML", John Boyer, Donald Eastlake, Joseph Reagle,
18 July 2001. (See <a href="http://www.w3.org/TR/xml-exc-c14n/">http://www.w3.org/TR/xml-exc-c14n/</a>.)</dd>
<dt class="label"><a name="XMLDSIG"></a>[XML DSig] </dt><dd>IETF Draft Standard/W3C Recommendation "XML-Signature
Syntax and Processing", D. Eastlake, J. Reagle, and D. Solo, August 2001. (See <a href="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/">http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/</a>.)</dd>
<dt class="label"><a name="XMLENC"></a>[XML Enc] </dt><dd>W3C
Recommendation "XML Encryption Syntax and Processing", Takeshi Imamura, Blair Dillaway, Ed Simon, December 2002. (See <a href="http://www.w3.org/TR/xmlenc-core/">http://www.w3.org/TR/xmlenc-core/</a>.)</dd>
</dl>
</div>
<div class="div2">
<h3><a name="nonnormrefs"></a>5.2 Informative References</h3>
<dl>
<dt class="label"><a name="soap11"></a>[SOAP 1.1] </dt><dd>W3C Note "Simple Object
Access Protocol (SOAP) 1.1", Don Box, David Ehnebuske, Gopal
Kakivaya, Andrew Layman, Noah Mendelsohn, Henrik Nielsen,
Satish Thatte, Dave Winer, 8 May 2000. (See <a href="http://www.w3.org/TR/SOAP/">http://www.w3.org/TR/SOAP/</a>.)</dd>
</dl>
</div>
</div>
</div>
<div class="back">
<div class="div1">
<h2><a name="xsltimpl"></a>A. XSLT Implementation (Non-Normative)</h2>
<p>A future version of this document might usefully contain an
implementation of SOAP Message Normalization in the form of an
XSLT stylesheet.</p>
</div>
<div class="div1">
<h2><a name="acks"></a>B. Acknowledgements (Non-Normative)</h2>
<p>This document is the work of the W3C XML Protocol Working Group.</p>
<p>The authors would like to thank Rich Salz for initiating this
work. The authors would like to thank Rich Salz and Joseph Reagle
for reviewing this document during production</p>
</div>
</div>
</body></html>