org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:825)
BR,ivan
-Original Message-
From: Arshad Noor [mailto:arshad.n...@strongauth.com]
Sent: Tuesday, January 05, 2010 4:06 PM
To: security-dev@xml.apache.org
Subject: Re: FW:
In the software that I write, Scott, I enforce this
Arshad Noor wrote on 2010-01-05:
> In the software that I write, Scott, I enforce this. From
> experience, I also know that browsers and S/MIME User Agents
> (Outlook, Thunderbird) also enforce this.
Those are applications. If they want to enforce it, that's fine, but it
doesn't belong in an XML
In the software that I write, Scott, I enforce this. From
experience, I also know that browsers and S/MIME User Agents
(Outlook, Thunderbird) also enforce this.
While I presume that cryptographic frameworks such as JCE,
CAPI, CNG, etc. also enforce this, I do not make assumptions
about the degre
Arshad Noor wrote on 2010-01-05:
> Not with well-behaved software that conform to PKIX standards.
>
> Signing keys are meant to only sign objects, while "Exchange"
> keys are meant for encryption/decryption. That is the reason
> why decryption works with the first, but not with the second.
Out o
Not with well-behaved software that conform to PKIX standards.
Signing keys are meant to only sign objects, while "Exchange"
keys are meant for encryption/decryption. That is the reason
why decryption works with the first, but not with the second.
Arshad Noor
StrongAuth, Inc.
Bolcina Ivan wrot
-Original Message-
From: Raul Benito [mailto:[EMAIL PROTECTED]
Sent: 25 March 2005 21:35
To: security-dev@xml.apache.org; fx-dev@ws.apache.org
Subject: Re: FW: Signing huge SOAP requests
Depending the structure of signature you can try this
patch(http://issues.apache.org/bugzilla
Raul,
Unfortunately, this means we will need changes to wss4j to use your
code in the bug report. Right?
-- dims
On Fri, 25 Mar 2005 22:34:59 +0100, Raul Benito
<[EMAIL PROTECTED]> wrote:
> Depending the structure of signature you can try this
> patch(http://issues.apache.org/bugzilla/show_bug.
Depending the structure of signature you can try this
patch(http://issues.apache.org/bugzilla/show_bug.cgi?id=32657)
It Is a single pass sax verification, I have manage to verify 100MB
XML files with just 10MB of footprint. But it only works with some
kind of signatures out of the box(but it can be