| Re: [wtp-incubator-dev] Question on XML Security design |
David M Williams wrote:
It's plugable in the sense that the encryption that is specified can be from bouncy-castle, the jre encryption libraries, or another third party library. Santuario is used to implement the W3C XML Encryption and Digital Signature.I've read (in the CQ for XML Security) that "... It uses API and libraries from the Apache Santuario project ..."but I seem to recall reading that the security implementation would be plugable.
There are numerous encryption algorithims that can be used, but only one way that the W3C specifications should be implemented. So the plugable part comes from the encryption libraries that do the actual encryption. At least that is my interpretation.
So, can you educate me on the difference between these two statements?How tightly coupled is the XML Security tools and the Apache Santuario project?Can the Apache Santuario plugin be left out, and the XML Security tools still be useful?Can some other plugin be added to an installation to provide the security implementation automatically?Or would some code have to be changed?Much thanks for any explanations (or pointers to elsewhere where it is already explained).
The best information is probably from Dominik's web site: http://translate.google.com/translate?hl=en&sl=de&u=http://www.xml-sicherheit.de/tutorials/basics.html&sa=X&oi=translate&resnum=5&ct=result&prev=/search%3Fq%3Dxml.com%2Bxml%2Bencryption%2Bsantuario%26hl%3Den%26client%3Dfirefox-a%26rls%3Dcom.ubuntu:en-US:unofficial%26hs%3D2Q8%26sa%3DX Dave
------------------------------------------------------------------------ _______________________________________________ wtp-incubator-dev mailing list wtp-incubator-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/wtp-incubator-dev