You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Werner Dittmann <We...@t-online.de> on 2005/09/25 15:39:29 UTC

STR Transform, use of XPath, xml-sec library etc.

All,

I just finished some restructure of the STRTransform functions. After
having some input from our xml-sec gurus (thanks Raul and Sean) I got
a better (a little better only :-)  ) understanding about c14n and so
on.

Now the STRTransform is much cleaner, also no more use of the deprecated
circumventBug2650. This results in lower memory footprint. Qute from
and e.-mail on xml-sec:

<cite>

Don't use any xpath transformation. Select what you want to sign with:

 <Reference URI="#whatToSign">..</Reference>
<NodeToBeSigned id="whatToSign">..</NodeToBeSigned>

In this way , the circumventBug2650 is not called(and other several
optimizations hit). And you can sign bigger documents.

Using xpath transformation is always one order the magnitude slower.

</cite>

This is what we are doing now (WSS always used such references only).

And, according to Raul's statement: when modifying code, adding new
features etc we shall be carefull not to use XPath :-)

Regards,
Werner

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org