DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=32657>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=32657 Summary: Experimental single pass SAX xml signature verification Product: Security Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Signature AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] I attached a patch that includes an experimental (i.e. nearly working, and hard to use) single pass SAX xml signature verification. Right now it can only verify signatures that the name of the element signed, and the way it is c14n are known before hand (no other transformations are implemented, so no enveloped signatures right now). Some examples of use can be found in the src_samples/prb/SaxPrb.java. I have documented my progress somehow in my blog so please take a look to http://r-bg.com/apache for more info. This feature has been tested by some other people finding very big improvements both in memory consumption and in performance. But the API is really unstable and it is going to change radically in next versions. I'm expecting some help in order to design the API, and the functionality in order to include it (when polished) in the official distribution. Thanks, Raul -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
