[xmlsec] Usage of reference URI and "Id"

Aleksey Sanin aleksey at aleksey.com
Wed Jun 19 09:27:20 PDT 2002

Hi, Sascha!

XML 1.0 does define the ID attribute type but not the name of the 
XML Digital Signature uses "Id" and I incorrectly assumed that everyone
else is also using "Id" :) However, it may not be the case and you can use
any name "id", "ID", "this_is_my_id", etc. This is defenetly a bug in xmlsec
and I will fix it (but righnt now I am not sure, how can I do it :) ).
Will you mind to file a bug about this in bugzilla 
please? It'll be a good reminder for me :)


Sascha Breite wrote:

>Dear Aleksey,
>I am using your xmlsec library on a WIN32 system. Step by step I get a
>better understandig of how it works. But I have a simple question:
>I try to verify a XML document with an internal reference URI="#12345". But
>the document node is identified by
>	<MyNode id="12345">...</MyNode>...<Reference URI="#12345"/>...
>and not by
>	<MyNode Id="12345">...</MyNode>...<Reference URI="#12345"/>...
>The difference is in "id" and "Id" (upper case 'i'). xmlSecDSigValidate()
>will fail, because "id" wouldn't match with "Id". In the xmlsec sources I
>changed "Id" to "id" and now it is working fine.
>But is this the right way? Or is there a "bug" inside the signed document,
>which uses "id"? Or should xmlSecDSigValidate() accept "id", "Id" and (why
>not?) "ID"? I am not sure about what W3C's "XML-Signature Syntax and
>Processing" is saying about this...
>Thanks for your answer!
>Kindly regards,
>Sascha Breite

More information about the xmlsec mailing list