[xmlsec] XPATH and Visa 3D-secure specification

Jacek Nowacki jacekn@polcard.com.pl
Thu, 25 Sep 2003 17:42:52 +0200


> What I don't get now is 1) why they don't recognize their error and 2) how
> they've gotten this far without correcting it.  Maybe they just think
> they're too big to be wrong.  Has anybody other than Slava tried to
> straighten them out?

Yes, I have sent a question to them about this about a week ago, after Mr Sanin has responded to my question on this mailing list (thread "Reference URI: ID vs CDATA"). Visa have responded that they agree that it would be better if their specs define this attribute as "ID" from the beginning. But they decided not to change it, because they see that everything is working in practice. 


Jacek Nowacki



> 
> > -----Original Message-----
> > From: Rich Salz [mailto:rsalz@datapower.com] 
> > Sent: Thursday, September 25, 2003 11:15 AM
> > To: Jesse Pelton
> > Cc: Slava Kostin; xmlsec@aleksey.com
> > Subject: Re: [xmlsec] XPATH and Visa 3D-secure specification
> > 
> > 
> > > I think that's the core question: does the Visa spec call 
> > for handling their
> > > CDATA "id" attribute as if it were an ID?  I don't know 
> > anything about the
> > > spec, except that it causes this question to arise periodically
> > > (occasionally inducing me to rant).  Slava, can you point 
> > to it, or excerpt
> > > relevant sections?
> > 
> > It doesn't matter; if they are using "URI=#..." in the 
> > Reference, then 
> > it must be an ID or they are not compliant with the DSIG spec.
> > 	/r$
> _______________________________________________
> xmlsec mailing list
> xmlsec@aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec


-- 
Jacek Nowacki
PolCard S.A.

Sign petition against software patents: http://petition.eurolinux.org