[xmlsec] XPATH and Visa 3D-secure specification

Jacek Nowacki jacekn@polcard.com.pl
Thu, 25 Sep 2003 17:07:04 +0200


> Are they doing something like this?
> 
>      <visa:PARes id="...">
> and then later on doing
>      <ds:Reference URI="#..."

they are doing like this:
....
<PARes id="ABC/D+">
....
</PARes><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
....
<Reference URI="#ABC/D+">
....

The "+" and "/" characters do occur in real messages. And their DTD is as follows:
<!ATTLIST PARes id CDATA #REQUIRED>

but it is necessary to override their DTD to (FAQ 3.2):
<!ATTLIST PARes id ID #REQUIRED>

The real values of "is" attribute are not allowed for the "ID" type and this is the problem. I cannot use xmlsec for Visa 3-D Secure and I am trying to patch it. 

Jacek Nowacki