I can't really answer any of your questions, but having used both
libraries, I have some additional points to offer.
First, Aleksey's project is, well, Aleksey's. He's incredibly
competent, responsive, and helpful, and he's happy to have patches.
That said, he was (last I checked) the only commit
> Do you have any opinion on maturity of the toolkits.
The Apache version worked much more consistently with the Java version and
was much easier for me to implement the necessary evaluation code around the
core system. xmlsec wanted me to give it control and just implement
callbacks, but sometime
, bugs,...).
Thanks again,
Amiler
From: "Scott Cantor" <[EMAIL PROTECTED]>
Reply-To: security-dev@xml.apache.org
To:
Subject: RE: Xmlsec vs. ApacheSecurity project
Date: Mon, 13 Feb 2006 20:39:44 -0500
I've used both, out of necessity because the Apache version didn't
I've used both, out of necessity because the Apache version didn't exist
yet. The real issue is the parser. xmlsec is libxml2-based, while Apache is
Xerces-based. That should be the determining factor for most applications,
IMHO. libxml2 and xmlsec are C-based, while the Apache/Xerces tools are
C++
