[xmlsec] building without DTD validation support in libxml
Rich Salz
rsalz at datapower.com
Thu May 12 08:36:54 PDT 2005
> it's a requirement for an XPath *implementation* . You don't need a DTD
> to use XPath obviously. You need DTD parsing support to implement a
> conformant XPath implementation.
No, that's not my point. The note in 5.2.1 says
NOTE: If a document does not have a DTD, then no element in the
document will have a unique ID.
To me, this means that an XPath implementation cannot require a DTD.
Yes, if the XML documents have DTD's in them, then you have to parse
them. But if you're working in an environment that says "no DTD's"
(such as SOAP), then it would be "safe and legal" to #if 0 the DTD part
of the code. I thought this was the kind of thing the original poster
wanted.
Yes, to be conforming XPath implementation (heck, to be a conforming XML
parser), you must support DTD's.
/r$
--
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
More information about the xmlsec
mailing list