Re: XMLCipher - enhancement for content encryption

At 9:47 AM +0100 1/5/04, Werner Dittmann wrote: If it is just "syntax sugar" and Parsers can replace it with Text... why does DOM defines an own Node type for it (wouldn't Text be enough)? It would be enough, and probably should have been. Note that DOM implementations are allowed but *not requi

Re: XMLCipher - enhancement for content encryption

- use this serialization, then > > encrypt. > > > > To support this we have to enhance the XMLCipher API to > > support the specification of a serialization method > > > > Any thoughts, ideas? > > > > Regards, > > Werner > > > &g

Re: XMLCipher - enhancement for content encryption

e of the specs every usage is valid. Regards, Werner - Original Message - From: "Elliotte Rusty Harold" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, January 04, 2004 4:36 PM Subject: Re: XMLCipher - enhancement for content encryption > At 11:05 AM +0100

Re: XMLCipher - enhancement for content encryption

e C14N is specified - use this serialization, then > > encrypt. > > > > To support this we have to enhance the XMLCipher API to > > support the specification of a serialization method > > > > Any thoughts, ideas? > > > > Regards, > > Werner

Re: XMLCipher - enhancement for content encryption

At 11:05 AM +0100 1/4/04, Werner Dittmann wrote: It might happen that the receiver needs the information that some data was a CDATA section (we do not know what type of applications will use XML Encryption and how they deal with the XML documents). If that's the case, then somebody is making a m

Re: XMLCipher - enhancement for content encryption

Werner Dittmann wrote: C14N requires a well formed XML document as input (according to the specs). Content as defined by XML Encryption (and the referenced XML base specs) is not required to be well formed as it can be a DocumentFragment. If this understanding is correct, then we cannot serialize

Re: XMLCipher - enhancement for content encryption

nuary 03, 2004 10:23 PM Subject: Re: XMLCipher - enhancement for content encryption Werner Dittmann wrote: IMO, for encryption serialization CDATA shall be serialized as CDATA element without Entity conversion. Otherwise it may give problems when we first sign that element, then encrypt it. In additi

Re: XMLCipher - enhancement for content encryption

uary 04, 2004 11:05 AM Subject: Re: XMLCipher - enhancement for content encryption > Erin, all, > > great that it is solved for Signature. But for Encryption I see another > problem if CDATA is not serialized correctly. Consider the following > DocumentFragment: > > > >

Re: XMLCipher - enhancement for content encryption

ds, Werner - Original Message - From: "Berin Lautenbach" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, January 03, 2004 10:23 PM Subject: Re: XMLCipher - enhancement for content encryption > Werner Dittmann wrote: > > > IMO, for encryptio

Re: XMLCipher - enhancement for content encryption

Had a quick check on the bug report. Before making a decision as to the correct way forward, do we know if the Xerces-J people are going to incorporate this fix in the next release? Cheers, Berin Werner Dittmann wrote: Hi, to test the content encryption of XMLCipher I modified the tes

Re: XMLCipher - enhancement for content encryption

Werner Dittmann wrote: IMO, for encryption serialization CDATA shall be serialized as CDATA element without Entity conversion. Otherwise it may give problems when we first sign that element, then encrypt it. In addition CDATA implies a "preserve space" behavior. Is that true for standard Text nod

Re: XMLCipher - enhancement for content encryption

At 9:47 PM +0100 1/3/04, Werner Dittmann wrote: Dims, all, just looked at CanonicalizerBase and did a quick test. Unfortunatly it also handles CDATA in a wrong way - it handles CDATA like standard Text nodes, i.e. C14nBase converts all special chars into Entities and serialize CDATA as standard te

Re: XMLCipher - enhancement for content encryption

Werner Dittmann wrote: Dims, all, just looked at CanonicalizerBase and did a quick test. Unfortunatly it also handles CDATA in a wrong way - it handles CDATA like standard Text nodes, i.e. C14nBase converts all special chars into Entities and serialize CDATA as standard text without the "[!CDATA[.

Re: XMLCipher - enhancement for content encryption

age - From: "Davanum Srinivas" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, January 03, 2004 7:57 PM Subject: Re: XMLCipher - enhancement for content encryption > Werner, > > did you see org.apache.xml.security.c14n.implementations.Canonicali

Re: XMLCipher - enhancement for content encryption

> > - use the modified xerces, test the Signature with it to make sure its not > > broken and put a link (or the modified jar) into xmlsec distribution > > > > Another option would be to write an own serializer - but I'm not in > > favour to that. > > >

Re: XMLCipher - enhancement for content encryption

> > Another option would be to write an own serializer - but I'm not in > favour to that. > > > - Original Message - > From: "Erwin van der Koogh" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, January 02, 2004 3:21 PM &

Re: XMLCipher - enhancement for content encryption

CTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 02, 2004 3:21 PM Subject: Re: XMLCipher - enhancement for content encryption > Hello Werner, > > > to test the content encryption of XMLCipher I modified the test case of > > XML encryption. The modifed test case showe

Re: XMLCipher - enhancement for content encryption

Hello Werner, to test the content encryption of XMLCipher I modified the test case of XML encryption. The modifed test case showed some serious problems inside XMLCipher as well as in the Xerces XMLSerializer. Hmm.. not good. [snip..] link to bug report for lazy people: