[xmlsec] Encryption and namespace

xs04.jmdesp at free.fr xs04.jmdesp at free.fr
Wed Mar 31 07:45:48 PST 2004


Quoting Aleksey Sanin <aleksey at aleksey.com>:
> > the right solution. There is more than just in-scope namespaces which are
> > inherited from a document, like entities ...
> Yes, you are right. It's much more. The general idea behind the spec is
> that you get a piece of XML document and encrypt it, then someone
> decrypts this piece and gets original XML document "as-is".

But how much is really necessary to handle *that* specific case ? 
There will not be any modification or reading of the intermediary document, it's
created only to be inserted immediatly back inside the original. There will be
no interpretation of content and the entities just have to copied as is.

So I wonder if, at least as a first step to get it working, it would not be
enough to just add one by one the missing namespace to the "dummyPrefix" in
xmlSecReplaceNodeBuffer.



More information about the xmlsec mailing list