cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colin Britton" <>
Subject Re: xml-signature
Date Sun, 17 Feb 2002 14:08:22 GMT
We looked a while ago at building a transformer based on the IBM XML
security suite, but the licence is a commercial one. It has some good

Digital signature implementation based on "XML-Signature Syntax and
Processing" by W3C/IETF
XML encryption implementation based on "XML Encryption Syntax and
Processing" by W3C
XML Access Control Language and implementation

Does anyone know of a similar suite that is open source?


----- Original Message -----
From: "Michael Hartle" <>
To: <>
Sent: Sunday, February 17, 2002 8:29 AM
Subject: Re: xml-signature

> Jason Foster wrote:
> > Now that the W3 has recommended xml-signature, does it make sense to
> > try and figure out how to incorporate it into the Cocoon pipeline model?
> > I've put a (very) little thought into this and I'm not sure what
> > approach makes the most sense.  For documents serialized as XML, then
> > a modification to the XMLSerializer should work.  For other
> > serializers where you can't easily add XML content, then my guess is
> > that you have to go "out of band".
> > Unfortunately the "definition" of a serializer is that it is the last
> > thing in a pipeline.  It isn't (I think) possible using the current
> > sitemap semantics to define something that takes place after the
> > serializer, which means calculating the signature of the generated
> > content is impossible.
> >
> > Does anyone else see value in this, and if so, how would you add this
> > functionality?
> What about a SigningTransformer and a VerifyingTransformer ? The
> SigningTransformer would then sign the referenced portions as the last
> transformer in a pipeline; the VerifyingTransformer would check the
> signatures as the first transformer, either passing the correct content
> through or somehow marking the content or signature as invalid. I hope I
> understood the spec correctly so far; I guess that the specification
> does not apply to other content than serialized XML.
> Best regards,
> Michael Hartle,
> Hartle & Klug GbR
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, email:

To unsubscribe, e-mail:
For additional commands, email:

View raw message