[xmlsec] Signature in different namespace

Simon Josefsson simon at josefsson.org
Mon Oct 15 15:23:36 PDT 2012

"G. Ken Holman" <gkholman at CraneSoftwrights.com> writes:

>        <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
> I hope this helps.

Thank you -- 'ref="ds:Signature"' is used in SAML Assertion as well so
it seems like a good approach.

More insight into this would be appreciated.  Is there any way the RFC
6030 approach could work?  I'm concerned that there is an example in the
RFC that people may have modelled their implementations after.  My
current approach to remove the ds: prefix on the Signature element leads
to valid XML so that workaround would works even if isn't kosher.
Having some pointer to text in the XMLDsig standard explaining that this
is improper would help.


More information about the xmlsec mailing list