W3C home > Mailing lists > Public > public-xmlsec-maintwg@w3.org > May 2008

Best Practices - Denial of Services Tests

From: Pratik Datta <pratik.datta@oracle.com>
Date: Mon, 19 May 2008 07:07:40 -0700
Message-ID: <483189AC.5040901@oracle.com>
To: public-xmlsec-maintwg@w3.org

I have checked in some sample Denial of Service xmls under
Drafts/xmldsig-bestpractices/samples

These are gnarly xmls and verifying some of them will cause the CPU to 
shoot up to 100% for many hours.

dos_xpath.xml
dos_xslt.xml
dos_toomanytranforms.xml
dos_retrieval_loop1.xml
dos_retrieval_loop2.xml

All of them use HMAC signing with password "sample"

Pratik
Received on Monday, 19 May 2008 14:11:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 19 May 2008 14:11:45 GMT