You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2018/06/28 10:52:08 UTC
svn commit: r1031841 [2/2] - in /websites/production/santuario/content:
cache/main.pageCache ccredits.html cfaq.html cinstallation.html
cprogramming.html creleasenotes.html download.html index.html
Modified: websites/production/santuario/content/download.html
==============================================================================
--- websites/production/santuario/content/download.html (original)
+++ websites/production/santuario/content/download.html Thu Jun 28 10:52:08 2018
@@ -108,7 +108,7 @@ Apache Santuario -- download
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="download-ObtaintheApacheSantuario™distribution">Obtain the Apache Santuario™ distribution</h1><p>The <strong>Apache Santuario™</strong> project is aimed at providing implementation of the primary security standards for XML. Two libraries are currently available.</p><ul><li>Apache XML Security for Java - This library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.</li><li>Apache XML Security for C++ - This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives to OpenSSL are less complete and less mature.</li></ul><h3 id="download-Howtodownload">How to download</h3><p
>Use the links below to download a distribution of Apache Santuario from one of our mirrors. It is good practice to verify the integrity of the distribution files. Apache Santuario releases are available under the <a shape="rect" class="external-link" href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the LICENSE.txt and NOTICE.txt files contained in each release artifact.</p><h3 id="download-Currentofficialrelease(closestmirrorsiteselectedautomatically)">Current official release (closest mirror site selected automatically)</h3><ul><li>The current stable Java release is Apache XML Security for Java 2.1.2: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip">xmlsec-2.1.2-source-release.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.asc">PGP</a>) (<a shape="rect" cla
ss="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.sha1">SHA1</a>)</li><li>The older stable Java release is Apache XML Security for Java 2.0.10:  <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip">xmlsec-2.0.10-source-release.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.sha1">SHA1</a>)</
li><li>The current C++ release is Apache XML Security for C++ 1.7.3:<br clear="none"><ul><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-1.7.3.tar.gz">xml-security-c-1.7.3.tar.gz</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.gz.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.gz.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.gz.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.gz.sha256">SHA256</a>)</li><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-1.7.3.tar.bz2">xml-security-c-1.7.3.tar.bz2</a> (<a shape="rect" class
="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.bz2.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.bz2.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.bz2.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.tar.bz2.sha256">SHA256</a>)</li><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-1.7.3.zip">xml-security-c-1.7.3.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.zip.md5">MD5</a>) (<a shape="rect" class="external-link"
href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.zip.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.3.zip.sha256">SHA256</a>)</li></ul></li></ul><h3 id="download-Archiveofoldreleases">Archive of old releases</h3><p>Older releases are available in the <a shape="rect" class="external-link" href="http://archive.apache.org/dist/santuario/">archive</a>.</p><h3 id="download-Verifyreleases">Verify releases</h3><p>It is essential that you verify the integrity of the downloaded files using the MD5/SHA and PGP signatures. Digest verification ensures the file was not corrupted or tampered with. PGP verification ensures that the file is authentic. In practice, PGP verification is <strong>much</strong> more important and makes checksum verification redundant.</p><h3 id="download-PGPSignature">PGP Signature</h3><p>The PGP signatures can be verified using <a shape="rect" class="external-link"
href="http://www.pgpi.org/" rel="nofollow">PGP</a> or <a shape="rect" class="external-link" href="http://www.gnupg.org/" rel="nofollow">GPG</a>. First download the Apache Santuario <a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/KEYS">KEYS</a> as well as the *.asc signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<div id="ConfluenceContent"><h1 id="download-ObtaintheApacheSantuario™distribution">Obtain the Apache Santuario™ distribution</h1><p>The <strong>Apache Santuario™</strong> project is aimed at providing implementation of the primary security standards for XML. Two libraries are currently available.</p><ul><li>Apache XML Security for Java - This library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.</li><li>Apache XML Security for C++ - This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives to OpenSSL are less complete and less mature.</li></ul><h3 id="download-Howtodownload">How to download</h3><p
>Use the links below to download a distribution of Apache Santuario from one of our mirrors. It is good practice to verify the integrity of the distribution files. Apache Santuario releases are available under the <a shape="rect" class="external-link" href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the LICENSE.txt and NOTICE.txt files contained in each release artifact.</p><h3 id="download-Currentofficialrelease(closestmirrorsiteselectedautomatically)">Current official release (closest mirror site selected automatically)</h3><ul><li>The current stable Java release is Apache XML Security for Java 2.1.2: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip">xmlsec-2.1.2-source-release.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.asc">PGP</a>) (<a shape="rect" cla
ss="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_1_2/xmlsec-2.1.2-source-release.zip.sha1">SHA1</a>)</li><li>The older stable Java release is Apache XML Security for Java 2.0.10:  <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip">xmlsec-2.0.10-source-release.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.md5">MD5</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/java-library/2_0_10/xmlsec-2.0.10-source-release.zip.sha1">SHA1</a>)</
li><li>The current C++ release is Apache XML Security for C++ 2.0.0:<br clear="none"><ul><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-2.0.0.tar.gz">xml-security-c-2.0.0.tar.gz</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.gz.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.gz.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.gz.sha256">SHA256</a>)</li><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-2.0.0.tar.bz2">xml-security-c-2.0.0.tar.bz2</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.bz2.asc">PGP</a>) (<a shape="rect" clas
s="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.bz2.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.tar.bz2.sha256">SHA256</a>)</li><li><a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.lua/santuario/c-library/xml-security-c-2.0.0.zip">xml-security-c-2.0.0.zip</a> (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.zip.sha1">SHA1</a>) (<a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/c-library/xml-security-c-2.0.0.zip.sha256">SHA256</a>)</li></ul></li></ul><h3 id="download-Archiveofoldreleases">Archive of old releases</h3><p>Older releases are available in the <a shape="rect" class="external-link" href="h
ttp://archive.apache.org/dist/santuario/">archive</a>.</p><h3 id="download-Verifyreleases">Verify releases</h3><p>It is essential that you verify the integrity of the downloaded files using the PGP signatures. Digest verification ensures the file was not corrupted or tampered with but provides no real verification of authenticity. PGP verification ensures that the file is authentic. In practice, PGP verification is <strong>much</strong> more important and makes checksum verification redundant.</p><h3 id="download-PGPSignature">PGP Signature</h3><p>The PGP signatures can be verified using <a shape="rect" class="external-link" href="http://www.pgpi.org/" rel="nofollow">PGP</a> or <a shape="rect" class="external-link" href="http://www.gnupg.org/" rel="nofollow">GPG</a>. First download the Apache Santuario <a shape="rect" class="external-link" href="https://www.apache.org/dist/santuario/KEYS">KEYS</a> as well as the *.asc signature file for the particular distribution. It is important t
hat you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default">% pgpk -a KEYS
% pgpv xml-security-bin-1_4_4.zip.asc
or
@@ -122,7 +122,7 @@ Apache Santuario -- download
<pre class="brush: java; gutter: false; theme: Default">% md5sum xml-security-X.Y.tar.gz
... output should match the string in xml-security-X.Y.tar.gz.md5
</pre>
-</div></div><p>We strongly recommend you verify your downloads with both PGP and a checksum.</p></div>
+</div></div><p>We strongly recommend you verify your downloads with PGP.</p></div>
</div>
<!-- Content -->
</td>
Modified: websites/production/santuario/content/index.html
==============================================================================
--- websites/production/santuario/content/index.html (original)
+++ websites/production/santuario/content/index.html Thu Jun 28 10:52:08 2018
@@ -99,7 +99,7 @@ Apache Santuario -- Index
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="Index-WelcometoApacheSantuario™">Welcome to Apache Santuario™</h1><h3 id="Index-TheProject">The Project</h3><p>The <strong>Apache Santuario™</strong> project is aimed at providing implementation of the primary security standards for XML:</p><ul><li>XML-Signature Syntax and Processing</li><li>XML Encryption Syntax and Processing.</li></ul><p>Two libraries are currently available.</p><ul><li>Apache XML Security for Java: This library includes the standard JSR-105 (Java XML Digital Signature) API,  a mature DOM-based implementation of both XML Signature and XML Encryption, as well as a more recent StAX-based (streaming) XML Signature and XML Encryption implementation.</li><li>Apache XML Security for C++: This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives t
o OpenSSL are less complete and less mature.</li></ul><h3 id="Index-News">News</h3><h5 id="Index-June2018">June 2018</h5><p>Version 2.1.2 of the Apache XML Security for Java library has been released.</p><p>Please see the <span class="confluence-link"><a shape="rect" href="javareleasenotes.html">release notes</a></span> for more information.</p><h5 id="Index-January2018">January 2018</h5><p>Versions 2.1.1 and 2.0.10 of the Apache XML Security for Java library have been released.</p><p>Please see the <span class="confluence-link"><a shape="rect" href="javareleasenotes.html">release notes</a></span> for more information.</p><h5 id="Index-March2015">March 2015</h5><p>Version 1.7.3 of the Apache XML Security for C++ library has been released, fixing a number of bugs, including a major issue involving ECDSA signature generation.</p><h3 id="Index-OlderNews">Older News</h3><p>See <a shape="rect" href="oldnews.html">here</a> for old news.</p><p> </p></div>
+<div id="ConfluenceContent"><h1 id="Index-WelcometoApacheSantuario™">Welcome to Apache Santuario™</h1><h3 id="Index-TheProject">The Project</h3><p>The <strong>Apache Santuario™</strong> project is aimed at providing implementation of the primary security standards for XML:</p><ul><li>XML-Signature Syntax and Processing</li><li>XML Encryption Syntax and Processing.</li></ul><p>Two libraries are currently available.</p><ul><li>Apache XML Security for Java: This library includes the standard JSR-105 (Java XML Digital Signature) API,  a mature DOM-based implementation of both XML Signature and XML Encryption, as well as a more recent StAX-based (streaming) XML Signature and XML Encryption implementation.</li><li>Apache XML Security for C++: This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives t
o OpenSSL are less complete and less mature.</li></ul><h3 id="Index-News">News</h3><h5 id="Index-June2018">June 2018</h5><p>Version 2.1.2 of the Apache XML Security for Java library has been released.</p><p>Please see the <span class="confluence-link"><a shape="rect" href="javareleasenotes.html">release notes</a></span> for more information.</p><p>Version 2.0.0 of the Apache XML Security for C++ has been released.</p><p>Please see the <a shape="rect" class="external-link" href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311231&version=12341551">release notes</a> for basic information on bugs addressed. As a major upgrade, this release includes a range of relative minor, but visible, changes to the API that are not explicitly noted there. There are no features of significance added in this version, merely some refactoring and removal of deprecated APIs.</p><h5 id="Index-January2018">January 2018</h5><p>Versions 2.1.1 and 2.0.10 of the Apache XML Security f
or Java library have been released.</p><p>Please see the <span class="confluence-link"><a shape="rect" href="javareleasenotes.html">release notes</a></span> for more information.</p><h5 id="Index-March2015">March 2015</h5><p>Version 1.7.3 of the Apache XML Security for C++ library has been released, fixing a number of bugs, including a major issue involving ECDSA signature generation.</p><h3 id="Index-OlderNews">Older News</h3><p>See <a shape="rect" href="oldnews.html">here</a> for old news.</p><p> </p></div>
</div>
<!-- Content -->
</td>