Return-Path: 
 <security-dev-return-4058-apmail-xml-security-dev-archive=xml.apache.org@xml.apache.org>
Delivered-To: apmail-xml-security-dev-archive@www.apache.org
Received: (qmail 42808 invoked from network); 27 Feb 2005 02:38:37 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur-2.apache.org with SMTP; 27 Feb 2005 02:38:37 -0000
Received: (qmail 24028 invoked by uid 500); 27 Feb 2005 02:38:35 -0000
Delivered-To: apmail-xml-security-dev-archive@xml.apache.org
Received: (qmail 24013 invoked by uid 500); 27 Feb 2005 02:38:35 -0000
Mailing-List: contact security-dev-help@xml.apache.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:security-dev@xml.apache.org>
List-Help: <mailto:security-dev-help@xml.apache.org>
List-Unsubscribe: <mailto:security-dev-unsubscribe@xml.apache.org>
List-Subscribe: <mailto:security-dev-subscribe@xml.apache.org>
Reply-To: security-dev@xml.apache.org
Delivered-To: mailing list security-dev@xml.apache.org
Received: (qmail 23999 invoked by uid 99); 27 Feb 2005 02:38:35 -0000
X-ASF-Spam-Status: No, hits=1.1 required=10.0
	tests=FORGED_RCVD_HELO,NO_DNS_FOR_FROM
X-Spam-Check-By: apache.org
Received-SPF: pass (hermes.apache.org: local policy)
Received: from cust4394.vic01.dataco.com.au (HELO cerberus.wingsofhermes.org)
 (202.164.195.42)
  by apache.org (qpsmtpd/0.28) with SMTP; Sat, 26 Feb 2005 18:38:34 -0800
Received: (qmail 32338 invoked by uid 1008); 27 Feb 2005 02:38:29 -0000
Received: from 192.168.3.10 by cerberus.wingsofhermes.org (envelope-from
 <berin@wingsofhermes.org>, uid 1002) with qmail-scanner-1.23
 (clamdscan: 0.75.1. spamassassin: 3.0.0.  
 Clear:RC:1(192.168.3.10):.
 Processed in 0.106423 secs); 27 Feb 2005 02:38:29 -0000
Received: from unknown (HELO ?192.168.3.10?) (192.168.3.10)
  by 0 with SMTP; 27 Feb 2005 02:38:28 -0000
Message-ID: <42213271.7070906@wingsofhermes.org>
Date: Sun, 27 Feb 2005 13:37:37 +1100
From: Berin Lautenbach <berin@wingsofhermes.org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
 rv:1.7.3) Gecko/20040910
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: security-dev@xml.apache.org
Subject: Base64 question + Preparing for a 1.2 C++ release
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Peoples,

I've been doing some work to clean up for a 1.2 release.  In particular, 
I have just :

1.  Started going through and cleaning up the various bugs that haven't 
yet been fixed
2.  Stripped out all requirements for RTTI
3.  Stripped out requirement for MFC in debug build
4.  Now builds against OpenSSL 0.9.8 as well as 0.9.7 and 0.9.6, and 
supports SHA 224/256/384/512 if they are supported by the version of 
OpenSSL.

Before we do a 1.2 however, I'm wondering if we can do something about 
the base64 and validation problems.

Scott - you are the person with the most experience in schema validation 
and signatures.  Is it worthwhile adding some form of switch to tell the 
library to output base64 data in normalised form?  (I.e. no line feeds 
etc.)  That way normalisation won't touch the data and schema validation 
should work a bit better?  Or am I missing something fundamental somewhere?

Open to thoughts on that one - it means using the internal base64 class 
rather than that provided by OpenSSL.

Cheers,
	Berin