You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2013/12/19 17:15:28 UTC
svn commit: r891053 - in /websites/production/santuario/content:
cache/main.pageCache download.html
Author: coheigea
Date: Thu Dec 19 16:15:27 2013
New Revision: 891053
Log:
Updating website
Modified:
websites/production/santuario/content/cache/main.pageCache
websites/production/santuario/content/download.html
Modified: websites/production/santuario/content/cache/main.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/santuario/content/download.html
==============================================================================
--- websites/production/santuario/content/download.html (original)
+++ websites/production/santuario/content/download.html Thu Dec 19 16:15:27 2013
@@ -121,40 +121,8 @@ Apache Santuario -- download
<td height="100%">
<!-- Content -->
<div class="wiki-content">
-<div id="ConfluenceContent"><h1 id="download-ObtaintheApacheSantuariodistribution">Obtain the Apache Santuario distribution</h1>
-
-<p>The <span class="tm mark"><b>Apache Santuario</b><small><sup>TM</sup></small></span>
- project is aimed at providing implementation of the primary security standards for XML. Two libraries are currently available.</p>
-
-<ul><li>Apache XML Security for Java - This library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.</li><li>Apache XML Security for C++ - This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives to OpenSSL are less complete and less mature.</li></ul>
-
-
-<h3 id="download-Howtodownload">How to download</h3>
-
-<p>Use the links below to download a distribution of Apache Santuario from one of our mirrors. It is good practice to verify the integrity of the distribution files. Apache Santuario releases are available under the <a shape="rect" class="external-link" href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the LICENSE.txt and NOTICE.txt files contained in each release artifact.</p>
-
-<h3 id="download-Currentofficialrelease(closestmirrorsiteselectedautomatically)">Current official release (closest mirror site selected automatically)</h3>
-
-<ul><li>The current Java release is Apache XML Security for Java 1.5.6: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip">xml-security-bin-1_5_6.zip</a> (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip.md5">MD5</a>)</li></ul>
-
-
-<ul><li>The current C++ release is Apache XML Security for C++ 1.7.2: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/santuario/c-library/xml-security-c-1.7.2.tar.gz">xml-security-c-1.7.2.tar.gz</a> (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.2.tar.gz.asc">PGP</a>) (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.2.tar.gz.md5">MD5</a>)</li></ul>
-
-
-<h3 id="download-Archiveofoldreleases">Archive of old releases</h3>
-
-<p>Older releases are available in the <a shape="rect" class="external-link" href="http://archive.apache.org/dist/santuario/">archive</a>.</p>
-
-<h3 id="download-Verifyreleases">Verify releases</h3>
-
-<p>It is essential that you verify the integrity of the downloaded files using the MD5 and PGP signatures. MD5 verification ensures the file was not corrupted or tampered with. PGP verification ensures that the file came from a certain person.</p>
-
-<h3 id="download-PGPSignature">PGP Signature</h3>
-
-<p>The PGP signatures can be verified using <a shape="rect" class="external-link" href="http://www.pgpi.org/" rel="nofollow">PGP</a> or <a shape="rect" class="external-link" href="http://www.gnupg.org/" rel="nofollow">GPG</a>. First download the Apache Santuario <a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/KEYS">KEYS</a> as well as the *.asc signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ...</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
-% pgpk -a KEYS
+<div id="ConfluenceContent"><h1 id="download-ObtaintheApacheSantuariodistribution">Obtain the Apache Santuario distribution</h1><p>The <strong>Apache Santuario</strong> project is aimed at providing implementation of the primary security standards for XML. Two libraries are currently available.</p><ul><li>Apache XML Security for Java - This library includes a mature Digital Signature and Encryption implementation. It also includes the standard JSR 105 (Java XML Digital Signature) API. Applications can use the standard JSR 105 API or the Apache Santuario API to create and validate XML Signatures.</li><li>Apache XML Security for C++ - This library includes a mature Digital Signature and Encryption implementation using a proprietary C++ API on top of the Xerces-C XML Parser's DOM API. It includes a pluggable cryptographic layer, but support for alternatives to OpenSSL are less complete and less mature.</li></ul><h3 id="download-Howtodownload">How to download</h3><p>Use the links below
to download a distribution of Apache Santuario from one of our mirrors. It is good practice to verify the integrity of the distribution files. Apache Santuario releases are available under the <a shape="rect" class="external-link" href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> - see the LICENSE.txt and NOTICE.txt files contained in each release artifact.</p><h3 id="download-Currentofficialrelease(closestmirrorsiteselectedautomatically)">Current official release (closest mirror site selected automatically)</h3><ul><li>The current Java release is Apache XML Security for Java 1.5.6: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip">xml-security-bin-1_5_6.zip</a> (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip.asc">PGP</a>) (<a shape="rect" class="external-link" href="http://www.ap
ache.org/dist/santuario/java-library/1_5_6/xml-security-bin-1_5_6.zip.md5">MD5</a>)</li></ul><ul><li>The current C++ release is Apache XML Security for C++ 1.7.2: <a shape="rect" class="external-link" href="http://www.apache.org/dyn/closer.cgi?path=/santuario/c-library/xml-security-c-1.7.2.tar.gz">xml-security-c-1.7.2.tar.gz</a> (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.2.tar.gz.asc">PGP</a>) (<a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/c-library/xml-security-c-1.7.2.tar.gz.md5">MD5</a>)</li></ul><h3 id="download-Archiveofoldreleases">Archive of old releases</h3><p>Older releases are available in the <a shape="rect" class="external-link" href="http://archive.apache.org/dist/santuario/">archive</a>.</p><h3 id="download-Verifyreleases">Verify releases</h3><p>It is essential that you verify the integrity of the downloaded files using the MD5 and PGP signatures. MD5 verification ens
ures the file was not corrupted or tampered with. PGP verification ensures that the file came from a certain person.</p><h3 id="download-PGPSignature">PGP Signature</h3><p>The PGP signatures can be verified using <a shape="rect" class="external-link" href="http://www.pgpi.org/" rel="nofollow">PGP</a> or <a shape="rect" class="external-link" href="http://www.gnupg.org/" rel="nofollow">GPG</a>. First download the Apache Santuario <a shape="rect" class="external-link" href="http://www.apache.org/dist/santuario/KEYS">KEYS</a> as well as the *.asc signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror. Then verify the signatures using ...</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[% pgpk -a KEYS
% pgpv xml-security-bin-1_4_4.zip.asc
or
% pgp -ka KEYS
@@ -163,18 +131,11 @@ Apache Santuario -- download
% gpg --import KEYS
% gpg --verify xml-security-bin-1_4_4.zip.asc
]]></script>
-</div></div>
-
-<h3 id="download-MD5Checksum">MD5 Checksum</h3>
-
-<p>To verify the MD5 checksum on the files, you need to use a program called md5 or md5sum, which is included in many unix distributions. It is also available as part of <a shape="rect" class="external-link" href="http://www.gnu.org/software/textutils/textutils.html" rel="nofollow">GNU Textutils</a>. Windows users can get binary md5 programs from <a shape="rect" class="external-link" href="http://www.fourmilab.ch/md5/" rel="nofollow">here</a>, <a shape="rect" class="external-link" href="http://www.pc-tools.net/win32/freeware/console/" rel="nofollow">here</a>, or <a shape="rect" class="external-link" href="http://www.slavasoft.com/fsum/" rel="nofollow">here</a> or an openssl client from <a shape="rect" class="external-link" href="http://www.slproweb.com/products/Win32OpenSSL.html" rel="nofollow">here</a>.</p>
-<div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
-<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[
-% md5sum xml-security-X.Y.tar.gz
+</div></div><h3 id="download-MD5Checksum">MD5 Checksum</h3><p>To verify the MD5 checksum on the files, you need to use a program called md5 or md5sum, which is included in many unix distributions. It is also available as part of <a shape="rect" class="external-link" href="http://www.gnu.org/software/textutils/textutils.html" rel="nofollow">GNU Textutils</a>. Windows users can get binary md5 programs from <a shape="rect" class="external-link" href="http://www.fourmilab.ch/md5/" rel="nofollow">here</a>, <a shape="rect" class="external-link" href="http://www.pc-tools.net/win32/freeware/console/" rel="nofollow">here</a>, or <a shape="rect" class="external-link" href="http://www.slavasoft.com/fsum/" rel="nofollow">here</a> or an openssl client from <a shape="rect" class="external-link" href="http://www.slproweb.com/products/Win32OpenSSL.html" rel="nofollow">here</a>.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent pdl">
+<script class="theme: Default; brush: xml; gutter: false" type="syntaxhighlighter"><![CDATA[% md5sum xml-security-X.Y.tar.gz
... output should match the string in xml-security-X.Y.tar.gz.md5
]]></script>
-</div></div>
-<p>We strongly recommend you verify your downloads with both PGP and MD5.</p></div>
+</div></div><p>We strongly recommend you verify your downloads with both PGP and MD5.</p></div>
</div>
<!-- Content -->
</td>