Added a Bugzilla Bug - http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26660
thanks, dims --- Dittmann Werner <[EMAIL PROTECTED]> wrote: > All, > > attached a patch to XMLCipher. It is the same > patch as posted January, 5th with one slight modification. > > This code now _always_ gets a C14n instance to perform > serialization. It does not use Xerces XMLSerialization > anymore (I didn't delete the code that uses it, its > just not called anymore). > > Using specific "getInstance*()" methods of XMLCipher the > caller may overwrite the C14n method used to serlaize. > By default the code uses C14n with comments to serialize. > > Regards, > Werner > > > -----Ursprüngliche Nachricht----- > > Von: Davanum Srinivas [mailto:[EMAIL PROTECTED] > > Gesendet: Dienstag, 3. Februar 2004 17:14 > > An: [EMAIL PROTECTED] > > Betreff: RE: AW: AW: AW: Verification after decrypt > > > > > > Exactly my point. > > org.apache.xml.serialize.XMLSerializer,OutputFormat is used > > ONLY in one file > > namely XMLCipher.java. We are better off gaining > > compatability with any JAXP compatible parser. We > > are forcing people to use a specific xerces version EVEN if > > they have other parsers in their > > environment. Hope we have learnt the lessons for the xalan > > fiasco (we used to fail miserably with > > the built in xalan in JDK 1.4 and had to use the endorsed > > over ride mechanism till we fix our code > > - http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19916) > > > > thanks, > > dims > > > > --- Erwin van der Koogh <[EMAIL PROTECTED]> wrote: > > > > Surely it's better to say "if you have this bug then > > download a version of > > > > Xerces greater than x.x" rather than "fixing" a bug in > > someone else's code > > > > with a hack in yours? That's just asking for maintenance > > headaches isn't > > > > it? > > > > > > Well.. right now we are dependent on Xerces for a single > > tiny Xerces-only > > > feature. And if I am not entirely mistaken it might even be the > > > serialization part. > > > > > > So if that's the case and we do go down the custom > > serializer part we would > > > be compatible with any JAXP compatible parser, easing > > maintenance headaches > > > somewhat. > > > > > > So it might actually be easier to maintain in the long run. > > > > > > Erwin > > > > > > ===== > > Davanum Srinivas - http://webservices.apache.org/~dims/ > > > > > ATTACHMENT part 2 application/octet-stream name=XMLCipher-4.patch ===== Davanum Srinivas - http://webservices.apache.org/~dims/
