xml-xmlbeans-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noah Campbell <noahcampb...@gmail.com>
Subject Re: xmlbeans xml security
Date Thu, 01 Jul 2004 19:13:09 GMT
I was looking at the xml-sec project for dsig.  They have a
CanonicalizerBase class that is meant to facilitate the c14n.  see
http://cvs.apache.org/viewcvs.cgi/xml-security/src/org/apache/xml/security/c14n/implementations/
As assumed, they use the w3c dom for parsing and canonicalizing the
element.  Our version could would use xmlbeans and simply plug in
(knock on wood) and work.

This is probably the first pass for a proof of concept and speed
comparison.  I don't know if there are any benchmarks made already,
but I can set up a harness for checking this.

Noah

On Thu, 01 Jul 2004 12:24:03 -0400, Joseph Hindsley
<jhindsley@providerlink.com> wrote:
> 
> Hey all,
> 
> Forgive me for not keeping up with this thread and my general ignorance
> of the whole topic, but when I was looking at XML signature a while
> back, I got the impression that c14n was one of many transforms that
> could be applied before the signing algorithm was applied. If you
> included an XPath transform in your signature, for example, you could
> limit the signature to only the elements specified in that XPath. Also
> there was 2 forms of c14n Canonicalization transform mentioned (and
> there may be others): Canonical XML and Exclusive Canonical XML
> (http://www.w3.org/Signature/).
> 
> I guess my questions are, why limit the implementation to only doing a
> c14n transformation? Would it be possible to support transformations in
> general? Or tie into a project that does that already?
> 
> Joe Hindsley
> 
> 
> 
> 
> On Thu, 2004-07-01 at 11:40, Eric Vasilik wrote:
> > I think that that producing c14n from an XmlBean is within the scope of
> > XmlBeans.  Are there other aspects of security which would be
> > appropriate?
> >
> > - Eric
> >
> > > -----Original Message-----
> > > From: Ted Leung [mailto:twleung@sauria.com]
> > > Sent: Wednesday, June 30, 2004 10:23 PM
> > > To: xmlbeans-dev@xml.apache.org
> > > Subject: Re: xmlbeans xml security
> > >
> > > David,
> > >
> > > There is already an XML Security project at xml.apache.org.  Is there
> > > any
> > > chance of combining efforts with those folks on this?
> > >
> > > Ted
> > >
> > > On Jun 30, 2004, at 10:04 AM, David Remy wrote:
> > >
> > > > David (Waite),
> > > > I got the chance to meet with Noah Campbell for dinner Mon night at
> > > > JavaOne and he expressed an interest in contributing in the are of
> > xml
> > > > security.  I wonder if we should start a sandbox in cvs with a
> > security
> > > > directory that we could use to start experimenting on xml security
> > over
> > > > xmlbeans.  Unless someone has an issue with that I will go ahead and
> > do
> > > > it (specifically under xml-xmlbeans create a subdirectory called
> > > > sandbox
> > > > and then a security directory under it).
> > > >
> > > > Perhaps we should get started on an XML Sig implementation and see
> > what
> > > > hurdles we run into.  I *believe* at some point we are going to want
> > an
> > > > option on the xml store to keep things in the store canonically so
> > that
> > > > the big c14n copy to create and validate signatures can be avoided.
> > In
> > > > the meantime though we could get started and therefore define any
> > > > requirements that the store might get.
> > > >
> > > > It only makes sense to have a security implementation in xmlbeans if
> > we
> > > > can take advantage of the xml store to improve efficiency, otherwise
> > we
> > > > should leave it to apache xml sec ...
> > > >
> > > > rem
> > > >
> > > > -
> > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
> > > > For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
> > > > Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/
> > > >
> > > ----
> > > Ted Leung                          Blog: <http://www.sauria.com/blog>
> > > PGP Fingerprint: 1003 7870 251F FA71 A59A  CEE3 BEBA 2B87 F5FC 4B42
> > >
> > >
> > > -
> > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
> > > For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
> > > Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/
> >
> >
> > - ---------------------------------------------------------------------
> > To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
> > For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
> > Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/
> 
> - ---------------------------------------------------------------------
> To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
> For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
> Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/
> 
>

- ---------------------------------------------------------------------
To unsubscribe, e-mail:   xmlbeans-dev-unsubscribe@xml.apache.org
For additional commands, e-mail: xmlbeans-dev-help@xml.apache.org
Apache XMLBeans Project -- URL: http://xml.apache.org/xmlbeans/


Mime
View raw message