XML Security Specifications Maintenance WG:
Best Practices
%% Back to XMLSec wiki %%
The charter lists an optional deliverable of documenting Best Practices associated with XML Signature. This wiki page is intended for the WG to document best practices on an iterative and ongoing basis.
Use of absolute XPath expressions as ds:Reference URIs when substitution attacks are possible. See research paper by Michael McIntosh and Paula Austel, IBM. - FrederickHirsch 07-04-26