xml-dev - Re: [xml-dev] Canonicalization software

Re: [xml-dev] Canonicalization software

[ Lists Home | Date Index | Thread Index ]

To: Elliotte Rusty Harold <elharo@metalab.unc.edu>
Subject: Re: [xml-dev] Canonicalization software
From: Rich Salz <rsalz@datapower.com>
Date: Mon, 02 Feb 2004 11:27:40 -0500
Cc: "xml-dev@lists.xml.org" <xml-dev@lists.xml.org>
In-reply-to: <p06010207bc440766e307@[192.168.254.4]>
References: <Pine.LNX.4.44L0.0402020734110.31828-100000@smtp.datapower.com> <p06010207bc440766e307@[192.168.254.4]>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b) Gecko/20030507

Okay, crossing notes in the ether caused some confusion.  Let me try to 
be clear.

In libxml there is a command-line program "testC14N" that you can build 
that will let you feed input, and capture canonical output.

If you download the latest release from http://pyxml.sf.net, and install 
it, you will find test/test_c14n.py, a small python program that 
includes the examples from the C14N spec, and the ability to feed input 
and capture canonical output.

Did you tell the XSS4J folks about the bugs you found?  I think they 
know exc-c14n is broken.
	/r$
-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

References:
- Re: [xml-dev] Canonicalization software
  - From: Rich Salz <rsalz@datapower.com>
- Re: [xml-dev] Canonicalization software
  - From: Elliotte Rusty Harold <elharo@metalab.unc.edu>

Prev by Date: O'Reilly Open Source Convention Call for Participation
Next by Date: WARNING: Namespace thread virus (new variant?)
Previous by thread: Re: [xml-dev] Canonicalization software
Next by thread: Re: [xml-dev] Canonicalization software
Index(es):
- Date
- Thread