Use of namespace prefix in XML-Signature from Don Park on 2001-10-11 (w3c-ietf-xmldsig@w3.org from October to December 2001)

From: Don Park <donpark@docuverse.com>
Date: Thu, 11 Oct 2001 04:33:26 -0700
To: <w3c-ietf-xmldsig@w3.org>
Message-ID: <OHEPIPNFLKEOGKLBBAKHEEAGCKAA.donpark@docuverse.com>

Hiya,

I have been playing around with Christian Geuer-Pollma's wonderful Java
library over the weekend and ran into a problem which I feel deserves some
discussion on this list because the problem might exist in other
implementations, and because of a weakness in DOM API that affects this
problem.

Application Constraint causing the Problem:

I had a hand in the design of Visa's 3D-Secure protocol which uses
XML-Signature for payment authentication response message (aka PARes) in the
protocol.  Due to certain design and business constraints, all messages have
to use default namespace declarations.  No namespace prefixes are allowed.

Problem with Christian's library:

Charistian's library generates <Signature> elements with "ds" as namespace
prefix.  Looking it at the source code, there was no apparent way to
generate <Signature> elements using default namespace.

Problem with DOM API:

As of DOM Level 2, there was no implementation independent means to remove
namespace prefixes from a Document without having to build a new Document
and duplicating nodes minus the prefixes.  Node.setPrefix() behavior is
unclear regarding null or empty prefix as parameter.

I would like to hear from other implementors about this issue.  Does your
implementation mandate use of namespace prefixes?

Best,

Don Park

Received on Thursday, 11 October 2001 07:34:30 UTC