[xmlsec] XPATH and Visa 3D-secure specification

Rich Salz rsalz at datapower.com
Thu Sep 25 08:22:51 PDT 2003


> <PARes id="ABC/D+">
> ....
> </PARes><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> ....
> <Reference URI="#ABC/D+">

This is not conformant with the XML DSIG spec and XPath has nothing to 
do with it.  See sections 4.3.3.2 and 4.3.3.3; in particular, the final 
example in 4.3.3.2 and the following quote from the start of 4.3.3.3
      In a fragment URI, the characters are the number sign
      ('#') character conform to the XPointer syntax.

If you follow the link in the XML DSIG spec, you are redirected to a 
newer W3C document, (the XPointer framework) which explains that this 
must refer to an XML ID.

	/r$
-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html




More information about the xmlsec mailing list