RE: FW:

2010-01-06 Thread Bolcina Ivan
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:825) BR,ivan -Original Message- From: Arshad Noor [mailto:arshad.n...@strongauth.com] Sent: Tuesday, January 05, 2010 4:06 PM To: security-dev@xml.apache.org Subject: Re: FW: In the software that I write, Scott, I enforce this

RE: FW:

2010-01-05 Thread Scott Cantor
Arshad Noor wrote on 2010-01-05: > In the software that I write, Scott, I enforce this. From > experience, I also know that browsers and S/MIME User Agents > (Outlook, Thunderbird) also enforce this. Those are applications. If they want to enforce it, that's fine, but it doesn't belong in an XML

Re: FW:

2010-01-05 Thread Arshad Noor
In the software that I write, Scott, I enforce this. From experience, I also know that browsers and S/MIME User Agents (Outlook, Thunderbird) also enforce this. While I presume that cryptographic frameworks such as JCE, CAPI, CNG, etc. also enforce this, I do not make assumptions about the degre

RE: FW:

2010-01-05 Thread Scott Cantor
Arshad Noor wrote on 2010-01-05: > Not with well-behaved software that conform to PKIX standards. > > Signing keys are meant to only sign objects, while "Exchange" > keys are meant for encryption/decryption. That is the reason > why decryption works with the first, but not with the second. Out o

Re: FW:

2010-01-05 Thread Arshad Noor
Not with well-behaved software that conform to PKIX standards. Signing keys are meant to only sign objects, while "Exchange" keys are meant for encryption/decryption. That is the reason why decryption works with the first, but not with the second. Arshad Noor StrongAuth, Inc. Bolcina Ivan wrot

RE: FW: Signing huge SOAP requests

2005-03-26 Thread John Harrison
-Original Message- From: Raul Benito [mailto:[EMAIL PROTECTED] Sent: 25 March 2005 21:35 To: security-dev@xml.apache.org; fx-dev@ws.apache.org Subject: Re: FW: Signing huge SOAP requests Depending the structure of signature you can try this patch(http://issues.apache.org/bugzilla

Re: FW: Signing huge SOAP requests

2005-03-26 Thread Davanum Srinivas
Raul, Unfortunately, this means we will need changes to wss4j to use your code in the bug report. Right? -- dims On Fri, 25 Mar 2005 22:34:59 +0100, Raul Benito <[EMAIL PROTECTED]> wrote: > Depending the structure of signature you can try this > patch(http://issues.apache.org/bugzilla/show_bug.

Re: FW: Signing huge SOAP requests

2005-03-25 Thread Raul Benito
Depending the structure of signature you can try this patch(http://issues.apache.org/bugzilla/show_bug.cgi?id=32657) It Is a single pass sax verification, I have manage to verify 100MB XML files with just 10MB of footprint. But it only works with some kind of signatures out of the box(but it can be