RE: XML-Signature + canonicalization

2004-06-16 Thread Lawrence McCay
Title: Message You may also find the basic security profile specification from WS-I interesting - it specifically defines the interoperability issues and recomendations for c14n as well other security related aspects of ws-security:   http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0-2004

RE: XML-Signature + canonicalization

2004-06-16 Thread Blake Dournaee
Title: Message Achim,   Canonicalization is intended to normalize changes during XML parsing and processing, and doesn’t normalize all white space in general. The reason why is because white space is significant in an XML document, so adding white space in between elements is the same as

RE: XML-Signature + canonicalization

2004-06-16 Thread von Neefe, Achim
Title: Message Hi Blake,   thanks for your response.   Here are some additional concerns that were brought up during a conference call today.   1) It is possible to tamper with a message by inserting some kind of whitespace and still get the signature validated.   2) Problems with non-eu

RE: XML-Signature + canonicalization

2004-06-16 Thread Blake Dournaee
Title: XML-Signature + canonicalization Hello Achim,   I think it would be fair to say that when XML Signature was just maturing most of the implementation details that caused trouble had to do with one form of canonicalization or another. If you add to this the additional exclusive cano

RE: Nomination of new committers

2004-06-16 Thread Deltoro, Salvador
+1 for Raúl and for Dims, from my point of view. Salvador Deltoro. > -Original Message- > From: > [EMAIL PROTECTED] > g > [mailto:[EMAIL PROTECTED] > pache.org] On Behalf Of Erwin van der Koogh > Sent: miércoles, 16 de junio de 2004 15:51 > To: [EMAIL PROTECTED] > Subject: RE: Nominatio

RE: Nomination of new committers

2004-06-16 Thread Erwin van der Koogh
+1 Raul +1 definately.. he has almost changed more code that I have :D +1 Dims +1 as well. Erwin

JavaOne

2004-06-16 Thread Erwin van der Koogh
Hi Axl, How's the new job? and Did you hear anything about JavaOne? If you can't go, could you please give me some pointers to do your talk as well? Thanks, Erwin

DO NOT REPLY [Bug 29595] New: - Memory retention problem in XMLSecurity 1.1.0 java library

2004-06-16 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

XML-Signature + canonicalization

2004-06-16 Thread von Neefe, Achim
Title: XML-Signature + canonicalization Hi all, I apologize if this is not the right forum for the following questions. One of our partners intended to use XML-Signature, but now claims that there are too many interoperability problems with the canonicalization algorithm. Can someone shar