Canonical EXI

1.1 Notational Conventions and Terminology

The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear EMPHASIZED in this document, are to be interpreted as described in RFC 2119 [IETF RFC 2119].

The term canonical is used throughout this document to denote a normative form in regard to the physical representation. The term canonical EXI refers to EXI that is in canonical form produced by the method described in this specification.

The term sorted lexicographically denotes lexicographical ordering of strings which is done by comparing character by character. Individual characters are ordered by comparing their Unicode code points.

1.2 Need of Canonical EXI

Many environments and device classes have difficulties to handle plain-text XML due to various reasons (e.g., document size and processing overhead). W3Cs Efficient XML Interchange Format has been developed to provide a solution to these issues and to extend the use of XML and its tools.

With EXI, constrained environments and device classes (low memory, bandwidth, and processing power) have the possibility to be part of the XML world. However, some use cases also require a canonical representation of the XML-based data for comparison of logical and physical equivalence. Hence, supporting EXI canonicalization without going through plain-text XML where nothing else but EXI is available is needed.

1.3 Applications

One application field for the canonical form of an XML-based document or document subset is digital signature. During signature generation, the digest is computed over the canonical form of the document or the document subset respectively. The document is then transferred to the relying party, which validates the signature by reading the document and computing a digest of the canonical form of the received document (see 3.2 Signature Processing Steps). If there is equivalence the relying parties can ensure that the information content of the document has not been altered since it was signed.

Although EXI supports plain-text XML Signature by preserving XML information such as comments and prefixes (see EXI Best Practices for XML Signature) this strategy is not suited for all environments and use cases.

1.4 Limitations

It is the goal of this specification to provide a canonical EXI form for various use-cases. For example, restricted and very limited devices should be able to create or check against a canonical EXI stream. This applies to devices that may be able to speak only a given EXI language only (according to an XML Schema) or support only a subset of all EXI features.

Therefore, the process for building a Canonical EXI stream bases upon the knowledge of the used EXI options. Moreover, there is not one canonical EXI stream of an EXI event sequence but many according to the schema knowledge in use and the according EXI options and fidelity settings. These EXI options MUST be set or known (e.g., out-of-band) so that two parties produce the same octet stream. That said, this also implies that the process for building a Canonical EXI stream does not take into account the EXI header and its options but instead solely bases on the EXI Body stream.

2.1 EXI Alignment Options and Streams

EXI provides four alignment options, namely bit-packed, byte-alignment, pre-compression, and compression.

The canonicalized EXI form is the resulting EXI stream following the rules defined in this document. When the alignment option compression is set for an EXI stream, its canonical form is computed as if the EXI stream was encoded using the alignment option pre-compression.

EXI processors may make use of padding bits, for example to make the length of the EXI stream byte-aligned. In a Canonical EXI stream padding bits, if necessary, MUST always be represented as a sequence of 0 (zero) bits.

Each EXI stream begins with an EXI Header but it MUST NOT be taken into account when building the canonical EXI form.

2.2 EXI Event Selection

EXI processors represent a given event such as a start element or an attribute by serializing an event code first, followed by the according event content. Each event code is represented by a sequence of 1 to 3 parts that uniquely identifies an event.

In situations where an EXI processor disposes of more than one possible event (-code) the canonical EXI form prescribes which event and respectively which event code has to be chosen.

That said, it is not uncommon that an EXI processors has certain flexibility in choosing the appropriate EXI grammar production, or respectively the appropriate event. Moreover, the availability of grammar productions is subject to the convention used by the application. A prominent convention is the [Efficient XML Interchange (EXI) Profile], which is more restrictive in regard to which production is usable than the [Efficient XML Interchange (EXI) Format 1.0] specification.

After excluding productions that are not usable according to the convention in use a canonical EXI processor MUST also follow the subsequent order:

1. Use the event with the most accurate event content first

   For Start Element events the order is as follows:

   1. SE( qname )

   2. SE ( uri : * )

   3. SE ( * )

   For Attribute events the order is as follows:

   1. AT( qname )

   2. AT ( uri : * )

   3. AT ( * )

2. IF the accurateness is the same use the event with the least event code parts

The subsequently following example depicts the available productions for an example DocContent grammar. From the perspective of the [Efficient XML Interchange (EXI) Format 1.0] specification it is perfectly fine to match a start element "A" with event code 0 (zero) or 4 (four). A canonical EXI form prescribes event code 0 (zero).

2.3 EXI Stream Order

In general, a canonical EXI processor SHALL NOT change the order of the EXI input sequence. The only exceptions to this statement are sequences of attributes and/or namespace declarations.

The EXI specification defines that namespace (NS) and attribute (AT) events associated with a given element occur directly after the start element (SE) event in the following order:

In addition, canonical EXI specifies that namespace declarations for a given element MUST be sorted lexicographically according to the NS prefix. Further, canonical EXI strictly requires that an xsi:type or an xsi:nil attribute MUST occur before other AT events even if it does not impact grammar selection. Moreover, attributes other than xsi:type and xsi:nil for a given element MUST be sorted lexicographically, first by qname local-name then by qname uri.

2.4 EXI Datatypes

This section describes the built-in EXI datatype representations used for representing content items in canonical EXI streams.

A value content item that can be represented by the associated EXI datatype MUST be represented with the associated datatype representation. When the strict option is false, attributes and character events that cannot be represented by the associated EXI datatype representations (e.g., schema-invalid values) MUST use the additional untyped AT and CH terminal symbols.

When the Preserve.lexicalValues option is true, individual items are represented as String. Each value MUST be represented as a String with the associated restricted character set, if such a set is defined for the associated datatype representation (see Restricted Character Sets for Built-in EXI Datatype Representations). String content items associated with a restricted character MUST also follow the rules described in 2.4.6 Restricted Character Sets.

When the Preserve.lexicalValues option is false, a value content item MUST be represented with the associated datatype representation. The following sub-sections describe the Canonical EXI behavior for datatypes that otherwise may not lead to a uniquely defined representation.

Canonical EXI processors SHOULD support string-based EXI input stream values that according to Canonical EXI must be represented with an EXI datatype other than String (e.g., the value "0.1230" typed as String that according to Canonical EXI Float would be mantissa 123 and exponent -3). However, due to increased code footprint and processing complexity, Canonical EXI processors MUST support only EXI input streams that use the according datatype representation already. Be aware of this restriction when passing EXI streams to a recipient that is required to create the canonical EXI form.

3.1 Canonicalization Method

EXI Canonicalization may be used as a canonicalization method algorithm in XML Signature and XML Encryption. The identifier http://www.w3.org/TR/exi-c14n hereby specifies the rules of this document.

3.2 Signature Processing Steps

The figure below describes the involved processing steps when Canonical EXI is used for signing an EXI document or a fragment and the signature value is embedded within the document: First, the EXI stream or fragment of the EXI stream to be signed has to be transformed in a canonical form according to the requirements given in this document (see 2. EXI Canonicalization). Then, the canonical representation is used to determine the signature value based on the intended signature algorithm. At this point the signature value can be set within the EXI document and can be transmitted to the recipient.

To validate the signature value for compliance, the receiver has to build the canonical EXI stream for the signed portion. Note, this step can be skipped if there is pre-knowledge on the receiver side that the EXI stream already fulfills the requirements of Canonical EXI. Finally, to determine the correctness of the signature value (based on the signature algorithm) it can be compared with the embedded signature value provided by the sender.

Figure 3-1. Canonical EXI used in Signature

4.1 No XML Relationship

This document assumes as input a sequence of EXI events. Hence, there is no strong relationship with XML nor with Canonical XML.

The working group conducted that applications such as XML Signature do not see justifiable benefit from Canonical EXI. Therefore plain-text XML document use-cases should use Canonical XML.

4.2 No EXI Header

An EXI stream is an EXI Header followed by an EXI body.

The EXI Header MUST NOT be taken into account when building the canonical EXI form. This strategy ensures that the flexibility in the EXI Header, such as the optional presence of an EXI Cookie, avoids creating different physical representations.

Therefore the process for building a Canonical EXI stream bases upon the knowledge of the used EXI options. These EXI options MUST be set or known (e.g., out-of-band) so that two parties produce the same octet stream. That said, Canonical EXI is solely based upon the EXI Body stream

4.3 No Unicode Normalization

The Unicode standard allows multiple different representations of certain characters. Thus two character sequences that have the same appearance and meaning when printed or displayed may differ in sequences of code points. EXI Canonicalization uses as its input EXI events in which Strings are represented as sequences of Unicode code points.

A canonical EXI processor MUST NOT change the code points as it is not allowed to alter any other event. However, character model normalization may become an issue when working with plain-text XML.