You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Milan Tomic <mi...@setcce.org> on 2004/12/05 14:36:07 UTC
Proposal
I have an interesting idea and I hope it is not too compilcated.
It would be great if Apache XSEC libraries (Java & C++) would, during
XML signature validation, retrive colo(u)red XML that was signed, as
HTML (not signed XML in one colo(u)r and signed in the other). The
problem today is that when end user (a person) receives signed XML file
and clicks on "Verify"/"Validate" button in some GUI app and receives
answer (i.e. "Signature is valid."), s/he doesn't know what was signed
in XML document. Sometimes there are complicated XPath expressions in
reference section of Signature node and this is too difficult for end
users. Any comments?
Best regards,
Milan
RE: Proposal
Posted by Matthias Niggemeier <M...@thias.de>.
Doh!
First read, then write :-)
It would be interesting how many users of xerces / xsec use
it to display xml content.
Regards
Matthias
> -----Original Message-----
> From: Milan Tomic [mailto:milan@setcce.org]
> Sent: Monday, December 06, 2004 8:12 AM
> To: security-dev@xml.apache.org
> Subject: RE: Proposal
>
>
> Hi,
>
> I have written that it would be desirable to have output in
> HTML, not as XML.
>
> Best regards,
> Milan
>
>
> > -----Original Message-----
> > From: Matthias Niggemeier [mailto:m@thias.de]
> > Sent: Sunday, December 05, 2004 4:56 PM
> > To: security-dev@xml.apache.org
> > Subject: AW: Proposal
> >
> >
> > Maybe i am outing me as an xml-newbie, but how do you
> > color an xml file?
> >
> > Regards
> > Matthias
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Milan Tomic [mailto:milan@setcce.org]
> > > Gesendet: Sonntag, 5. Dezember 2004 14:36
> > > An: security-dev@xml.apache.org
> > > Betreff: Proposal
> > >
> > >
> > >
> > > I have an interesting idea and I hope it is not too
> > > compilcated. It would be great if Apache XSEC libraries (Java
> > > & C++) would, during XML signature validation, retrive
> > > colo(u)red XML that was signed, as HTML (not signed XML in
> > > one colo(u)r and signed in the other). The problem today is
> > > that when end user (a person) receives signed XML file and
> > > clicks on "Verify"/"Validate" button in some GUI app and
> > > receives answer (i.e. "Signature is valid."), s/he doesn't
> > > know what was signed in XML document. Sometimes there are
> > > complicated XPath expressions in reference section of
> > > Signature node and this is too difficult for end users. Any
> > comments?
> > >
> > > Best regards,
> > > Milan
> > >
> > >
> >
>
>
RE: Proposal
Posted by Milan Tomic <mi...@setcce.org>.
Hi,
I have written that it would be desirable to have output in
HTML, not as XML.
Best regards,
Milan
> -----Original Message-----
> From: Matthias Niggemeier [mailto:m@thias.de]
> Sent: Sunday, December 05, 2004 4:56 PM
> To: security-dev@xml.apache.org
> Subject: AW: Proposal
>
>
> Maybe i am outing me as an xml-newbie, but how do you
> color an xml file?
>
> Regards
> Matthias
>
> > -----Ursprüngliche Nachricht-----
> > Von: Milan Tomic [mailto:milan@setcce.org]
> > Gesendet: Sonntag, 5. Dezember 2004 14:36
> > An: security-dev@xml.apache.org
> > Betreff: Proposal
> >
> >
> >
> > I have an interesting idea and I hope it is not too
> > compilcated. It would be great if Apache XSEC libraries (Java
> > & C++) would, during XML signature validation, retrive
> > colo(u)red XML that was signed, as HTML (not signed XML in
> > one colo(u)r and signed in the other). The problem today is
> > that when end user (a person) receives signed XML file and
> > clicks on "Verify"/"Validate" button in some GUI app and
> > receives answer (i.e. "Signature is valid."), s/he doesn't
> > know what was signed in XML document. Sometimes there are
> > complicated XPath expressions in reference section of
> > Signature node and this is too difficult for end users. Any
> comments?
> >
> > Best regards,
> > Milan
> >
> >
>
AW: Proposal
Posted by Matthias Niggemeier <m...@thias.de>.
Maybe i am outing me as an xml-newbie, but how do you
color an xml file?
Regards
Matthias
> -----Ursprüngliche Nachricht-----
> Von: Milan Tomic [mailto:milan@setcce.org]
> Gesendet: Sonntag, 5. Dezember 2004 14:36
> An: security-dev@xml.apache.org
> Betreff: Proposal
>
>
>
> I have an interesting idea and I hope it is not too
> compilcated. It would be great if Apache XSEC libraries (Java
> & C++) would, during XML signature validation, retrive
> colo(u)red XML that was signed, as HTML (not signed XML in
> one colo(u)r and signed in the other). The problem today is
> that when end user (a person) receives signed XML file and
> clicks on "Verify"/"Validate" button in some GUI app and
> receives answer (i.e. "Signature is valid."), s/he doesn't
> know what was signed in XML document. Sometimes there are
> complicated XPath expressions in reference section of
> Signature node and this is too difficult for end users. Any comments?
>
> Best regards,
> Milan
>
>