santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Inma Marín <i...@dif.um.es>
Subject RE: Problem verifying an XML enveloped signature
Date Wed, 03 Dec 2008 10:26:14 GMT
Yes, I do the following:

- Get into http://santuario.apache.org/index.html
- I click on the 'Download' link on the left
- I see the 'Downloading the Libraries' page
- Then I click on the 'XML Project site' link under 'Obtaining the
Libraries'. This link goes to   http://xml.apache.org/security/dist/, which
is not found :(.

Can you be so kind as to tell me what I am doing wrong, please? Or Maybe the
server is not available....

Thank you very much in advance.


Regards,
Inma.


-----Mensaje original-----
De: Ling Xiaohan [mailto:lingxh@cn.fujitsu.com] 
Enviado el: miércoles, 03 de diciembre de 2008 10:16
Para: security-dev@xml.apache.org
Asunto: Re: Problem verifying an XML enveloped signature

You can try http://santuario.apache.org/index.html

----- Original Message ----- 
Can you be so kind as to tell me where I can download the latest version,
please? When I try to access http://santuario.apache.org/dist/ , I get a
'Not Found' page.

Thank you very much in advance.



-----Mensaje original-----
De: Sean.Mullan@Sun.COM [mailto:Sean.Mullan@Sun.COM]
Enviado el: lunes, 01 de diciembre de 2008 19:22
Para: security-dev@xml.apache.org
Asunto: Re: Problem verifying an XML enveloped signature

Version 1.2.1 is quite old. Many performance enhancements have been made
since then, especially in the transform processing. Please try the
latest (version 1.4.2) if you can.

--Sean

Inma Marín wrote:
> Hello,
>
>
>
> I have a problem when validating an XML enveloped signature. The point
> is that I want to verify an XML document which includes 3 enveloped
> signatures. These enveloped signatures are independent, in such a way
> that each of them are generated only over the XML document (removing the
> already existing signatures). To that extent, an xpath expression
>
(not(ancestor-or-self::node()=//*[namespace-uri()='http://www.w3.org/2000/09
/xmldsig#'
> and local-name()='Signature'])) is used instead of an enveloped
> transform (as an enveloped transform only removes the actual signature
> element, and I need all existing signatures elements be removed).
> However, when verifying this document, the verification last a lot of
time!
>
>
>
> Particularly, if I try to verify an XML document with only one
> signature, if it has been generated using the XPath expression , the
> verification lasts 15 minutes more than if the signature has been
> generated using the enveloped transform!!
>
>
>
> I am using xmlsec v1.2.1.
>
>
>
> Could you be so kind as to tell me why it happens, please? Does any
> later version make this kind of verification quicker? If no, any idea of
> making this verification more rapid?
>
>
>
> Thank you very much in advance.
>
>
>
>
>
> ------------------------------------------------------------
> Inmaculada Marín López
> Edificio ATICA - Planta baja
> Campus de Espinardo
> Universidad de Murcia
> Teléfono +34 968 367906
> e-mail: inma@dif.um.es <mailto:inma@dif.um.es>
> ------------------------------------------------------------
>
>
>







Mime
View raw message