Return-Path: X-Original-To: apmail-santuario-dev-archive@www.apache.org Delivered-To: apmail-santuario-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 30F3D9746 for ; Thu, 1 Mar 2012 10:05:54 +0000 (UTC) Received: (qmail 60978 invoked by uid 500); 1 Mar 2012 10:05:54 -0000 Delivered-To: apmail-santuario-dev-archive@santuario.apache.org Received: (qmail 60870 invoked by uid 500); 1 Mar 2012 10:05:53 -0000 Mailing-List: contact dev-help@santuario.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@santuario.apache.org Delivered-To: mailing list dev@santuario.apache.org Received: (qmail 60856 invoked by uid 99); 1 Mar 2012 10:05:53 -0000 Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 01 Mar 2012 10:05:53 +0000 Received: from localhost (HELO mail-tul01m020-f182.google.com) (127.0.0.1) (smtp-auth username coheigea, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Thu, 01 Mar 2012 10:05:52 +0000 Received: by obbwc7 with SMTP id wc7so992650obb.27 for ; Thu, 01 Mar 2012 02:05:51 -0800 (PST) Received-SPF: pass (google.com: domain of coheigea@apache.org designates 10.60.2.162 as permitted sender) client-ip=10.60.2.162; Authentication-Results: mr.google.com; spf=pass (google.com: domain of coheigea@apache.org designates 10.60.2.162 as permitted sender) smtp.mail=coheigea@apache.org Received: from mr.google.com ([10.60.2.162]) by 10.60.2.162 with SMTP id 2mr1854824oev.46.1330596351871 (num_hops = 1); Thu, 01 Mar 2012 02:05:51 -0800 (PST) MIME-Version: 1.0 Received: by 10.60.2.162 with SMTP id 2mr1601144oev.46.1330596351856; Thu, 01 Mar 2012 02:05:51 -0800 (PST) Reply-To: coheigea@apache.org Received: by 10.182.90.161 with HTTP; Thu, 1 Mar 2012 02:05:51 -0800 (PST) Date: Thu, 1 Mar 2012 10:05:51 +0000 Message-ID: Subject: Streaming XML-Security proposal From: Colm O hEigeartaigh To: dev@santuario.apache.org Cc: Marc Giger Content-Type: text/plain; charset=ISO-8859-1 Hi all, A streaming WS-Security (Java) implementation has been donated to the Apache WSS4J project, and an initial work plan has been drafted to incorporate it into a WSS4J 2.0 release: http://osdir.com/ml/general/2012-02/msg38728.html One open question I raised in the link above is where the XML Security component should live. The consensus seemed to be that I should discuss the possibility of moving that code into Santuario, as it would complement the existing XML Security DOM-based code. Several months work are required on the code before it could be released, as outlined in section 3 of the mail. The code currently requires JDK 1.6. I'd like to pose the following questions to the team: 1) Should this code be moved to Santuario under the "xml-security-java" project? IMO it should be. 2) Given the JDK 1.6 requirement, should we aim to include the code in a 2.0 release? 3) Should the code be incorporated into the same (xmlsec) jar, or should we move to a multi module maven project and drop ant altogether? Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com