santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: XMLDSig 1.1
Date Fri, 11 Dec 2015 16:43:30 GMT
With regards to XML Encryption 1.1, I implemented all of the "Key Wrapping"
tests from this spec:

http://www.w3.org/TR/xmlenc-core1-testcases/
https://svn.apache.org/repos/asf/santuario/xml-security-java/trunk/src/test/java/org/apache/xml/security/test/dom/encryption/XMLEncryption11Test.java

None of the "Key Agreement" tests are supported though.

Colm.

On Thu, Dec 10, 2015 at 3:08 PM, Sean Mullan <sean.mullan@oracle.com> wrote:

> I am pretty sure we support all of the MUST/SHOULD requirements in the XML
> Signature 1.1 specification. If not, it should be treated as a bug.
>
> --Sean
>
>
> On 12/10/2015 10:00 AM, Cantor, Scott wrote:
>
>> On 12/10/15, 9:45 AM, "Pellerin, Clement" <Clement_Pellerin@ibi.com>
>> wrote:
>>
>>
>>
>> I asked the same question about XMLDSig 2.0 years ago.
>>> Santuario responded they will never implement XMLDSig 2.0 since the
>>> object model is incompatible.
>>>
>>
>> 2.0 was just a proposal that was abandoned out of lack of interest from
>> implementers. Concretely it had some small wins but did nothing to address
>> the primary issues that led people to abandon XML so wouldn't have helped
>> anything.
>>
>> The Santuario 1.5.3 release notes mention:
>>>
>>>> This release features support for new XML Signature 1.1 KeyInfo
>>>>> extensions.
>>>>>
>>>>
>> Yes, some of that work was done by my project and donated.
>>
>> Is the goal of Santuario to support all of XMLDSig 1.1 and XMLEnc 1.1?
>>> How far are we in that project?
>>>
>>
>> I'm fairly certain most of XMLEnc 1.1 isn't, seeing as ECDH was the major
>> change there and it isn't supported AFAIK. GCM is, but hasn't seen much
>> testing since Java 8 is the first version to include it.
>>
>> I doubt there's a lot of XMLSig 1.1 that isn't already done.
>>
>> -- Scott
>>
>>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
View raw message