All, I just finished some restructure of the STRTransform functions. After having some input from our xml-sec gurus (thanks Raul and Sean) I got a better (a little better only :-) ) understanding about c14n and so on.
Now the STRTransform is much cleaner, also no more use of the deprecated circumventBug2650. This results in lower memory footprint. Qute from and e.-mail on xml-sec: <cite> Don't use any xpath transformation. Select what you want to sign with: <Reference URI="#whatToSign">..</Reference> <NodeToBeSigned id="whatToSign">..</NodeToBeSigned> In this way , the circumventBug2650 is not called(and other several optimizations hit). And you can sign bigger documents. Using xpath transformation is always one order the magnitude slower. </cite> This is what we are doing now (WSS always used such references only). And, according to Raul's statement: when modifying code, adding new features etc we shall be carefull not to use XPath :-) Regards, Werner --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
