Re: Problem verifying an XML enveloped signature

Thu, 04 Dec 2008 06:36:08 -0800 

Should be fixed now. If not, let me know.

--Sean

Sean Mullan wrote:

Sorry, this is my fault.
Yesterday I changed the old site http://xml.apache.org/security to redirect to the new site http://santuario.apache.org but I didn't realize there were still download links to the old site. I'll send another email when I have fixed this. 

--Sean

Inma Marín wrote:

Yes, I do the following:

- Get into http://santuario.apache.org/index.html
- I click on the 'Download' link on the left
- I see the 'Downloading the Libraries' page
- Then I click on the 'XML Project site' link under 'Obtaining the
Libraries'. This link goes to http://xml.apache.org/security/dist/, which 
is not found :(.
Can you be so kind as to tell me what I am doing wrong, please? Or Maybe the 
server is not available....

Thank you very much in advance.


Regards,
Inma.


-----Mensaje original-----
De: Ling Xiaohan [mailto:[EMAIL PROTECTED] Enviado el: miércoles, 03 de diciembre de 2008 10:16 
Para: security-dev@xml.apache.org
Asunto: Re: Problem verifying an XML enveloped signature

You can try http://santuario.apache.org/index.html
----- Original Message ----- Can you be so kind as to tell me where I can download the latest version, 
please? When I try to access http://santuario.apache.org/dist/ , I get a
'Not Found' page.

Thank you very much in advance.



-----Mensaje original-----
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Enviado el: lunes, 01 de diciembre de 2008 19:22
Para: security-dev@xml.apache.org
Asunto: Re: Problem verifying an XML enveloped signature

Version 1.2.1 is quite old. Many performance enhancements have been made
since then, especially in the transform processing. Please try the
latest (version 1.4.2) if you can.

--Sean

Inma Marín wrote:

Hello,



I have a problem when validating an XML enveloped signature. The point
is that I want to verify an XML document which includes 3 enveloped
signatures. These enveloped signatures are independent, in such a way
that each of them are generated only over the XML document (removing the
already existing signatures). To that extent, an xpath expression
(not(ancestor-or-self::node()=//*[namespace-uri()='http://www.w3.org/2000/09 
/xmldsig#'

and local-name()='Signature'])) is used instead of an enveloped
transform (as an enveloped transform only removes the actual signature
element, and I need all existing signatures elements be removed).
However, when verifying this document, the verification last a lot of

time!



Particularly, if I try to verify an XML document with only one
signature, if it has been generated using the XPath expression , the
verification lasts 15 minutes more than if the signature has been
generated using the enveloped transform!!



I am using xmlsec v1.2.1.



Could you be so kind as to tell me why it happens, please? Does any
later version make this kind of verification quicker? If no, any idea of
making this verification more rapid?



Thank you very much in advance.





------------------------------------------------------------
Inmaculada Marín López
Edificio ATICA - Planta baja
Campus de Espinardo
Universidad de Murcia
Teléfono +34 968 367906
e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
------------------------------------------------------------

Reply via email to