W3C home > Mailing lists > Public > public-xmlsec@w3.org > July 2009

RE: Clarifying XPath Filtering Transform text (pertains to Action-350, etc.)

From: Scott Cantor <cantor.2@osu.edu>
Date: Fri, 31 Jul 2009 00:08:31 -0400
To: <edsimon@xmlsec.com>
Cc: "'XMLSec WG Public List'" <public-xmlsec@w3.org>
Message-ID: <044301ca1194$91864bd0$b492e370$@2@osu.edu>
Ed Simon wrote on 2009-07-30:
> I think we do need to make the subsequent text clearer wrt namespace
> handling and maybe provide some more examples. It would also seem to me
> that Toolkits should provide a way to make it easy for application
> developers to see exactly what octet stream is hashed.

That's pretty well known. There might even be a best practice note on it. I recall discussing this somewhere.

> Btw, to implementors, does your Tookit provide a way to get the octet stream
> that is ultimately hashed?

Apache xmlsec-j does, via a debug logging message. The -c version can be tweaked to build in a dumb way to get this, but I have a TODO to make something more usable available.

-- Scott
Received on Friday, 31 July 2009 04:09:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:59 GMT