Following up on my prior post about end-to-end encryption, I chatted with DizzyD about the XML canonicalization requirement imposed by XML signatures and XML encryption. He reports (based on his interop experience with SAML) that canonicalization (a.k.a. "c14n") doesn't get along well with XML namespaces. This is important because we use a lot of XML namespaces in the Jabber/XMPP world. It seems that the XML community has worked on two solutions to the namespaces issue:
It's a bit worrisome that plain old XML canonicalization doesn't work well. It's even more worrisome that the folks who worked on Schema Centric XML Canonicalization didn't think that Exclusive XML Canonicalization solved the problem...