Subject: .Net Framework Security updates per W3C Specs - ReferenceID and new NCName Requirement
Date: 2017-09-15 20:01:18
From: Jan Paul von Wendt
Source: net-framework-security-updates-per-w3c-specs-referenceid-new-ncname-requirement
----------------------------------------------------------------------

We have recently learned that Microsoft has released .Net Framework Security Patch updates in order to comply with updated W3C Specifications. Recently, some we have experienced intermittent failures validating against a third party SSO service with the Ultimate SAML product. We have determined that this could be due to the ReferenceId not meeting the new NCName requirement. The new NCName requirement does not allow the ReferenceId field to begin with a number.

 

 

For reference and additional information on the W3C Specifications, refer to the following W3C spec article:

http://www.w3.org/TR/1999/REC-xml-names-19990114/ 

 

The question is: are you aware of this? I do not see any announcement of such on your website (as of yet). Does the ReferenceID (e.g., Assertion) begin with a number, or a letter (alpha character)? 

 

 

 

---------------------------------------------------------------------- Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back. Back to ComponentPro Q&A Forum Index