Yes, I do the following: - Get into http://santuario.apache.org/index.html - I click on the 'Download' link on the left - I see the 'Downloading the Libraries' page - Then I click on the 'XML Project site' link under 'Obtaining the Libraries'. This link goes to http://xml.apache.org/security/dist/, which is not found :(.
Can you be so kind as to tell me what I am doing wrong, please? Or Maybe the server is not available.... Thank you very much in advance. Regards, Inma. -----Mensaje original----- De: Ling Xiaohan [mailto:[EMAIL PROTECTED] Enviado el: miércoles, 03 de diciembre de 2008 10:16 Para: security-dev@xml.apache.org Asunto: Re: Problem verifying an XML enveloped signature You can try http://santuario.apache.org/index.html ----- Original Message ----- Can you be so kind as to tell me where I can download the latest version, please? When I try to access http://santuario.apache.org/dist/ , I get a 'Not Found' page. Thank you very much in advance. -----Mensaje original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Enviado el: lunes, 01 de diciembre de 2008 19:22 Para: security-dev@xml.apache.org Asunto: Re: Problem verifying an XML enveloped signature Version 1.2.1 is quite old. Many performance enhancements have been made since then, especially in the transform processing. Please try the latest (version 1.4.2) if you can. --Sean Inma Marín wrote: > Hello, > > > > I have a problem when validating an XML enveloped signature. The point > is that I want to verify an XML document which includes 3 enveloped > signatures. These enveloped signatures are independent, in such a way > that each of them are generated only over the XML document (removing the > already existing signatures). To that extent, an xpath expression > (not(ancestor-or-self::node()=//*[namespace-uri()='http://www.w3.org/2000/09 /xmldsig#' > and local-name()='Signature'])) is used instead of an enveloped > transform (as an enveloped transform only removes the actual signature > element, and I need all existing signatures elements be removed). > However, when verifying this document, the verification last a lot of time! > > > > Particularly, if I try to verify an XML document with only one > signature, if it has been generated using the XPath expression , the > verification lasts 15 minutes more than if the signature has been > generated using the enveloped transform!! > > > > I am using xmlsec v1.2.1. > > > > Could you be so kind as to tell me why it happens, please? Does any > later version make this kind of verification quicker? If no, any idea of > making this verification more rapid? > > > > Thank you very much in advance. > > > > > > ------------------------------------------------------------ > Inmaculada Marín López > Edificio ATICA - Planta baja > Campus de Espinardo > Universidad de Murcia > Teléfono +34 968 367906 > e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > ------------------------------------------------------------ > > >
