[xmlsec] Some URI problems

Ulrich Wisser ulrich at wisser.se
Tue Aug 20 05:13:55 PDT 2013


Thank you Aleksey for pointing me to the correct URIs.

/Ulrich


2013/8/19 Aleksey Sanin <aleksey at aleksey.com>

> Not sure where you've got these uris but these are the uris that
> xmlsec supports (taken from specs):
>
> https://git.gnome.org/browse/xmlsec/tree/src/strings.c
>
> Aleksey
>
> On 8/19/13 7:59 AM, Ulrich Wisser wrote:
> > Hi,
> >
> > while testing a perl implementation of xml-dsig I found some problems
> > with URI's.
> >
> > Could it be that xmlsec only supports sha1? I have been trying to verify
> > rsa-sha512 and signatures and sha-256 digests. Maybe I have the wrong
> URI's?
> >
> > http://www.w3.org/2000/09/xmldsig#rsa-sha512
> > http://www.w3.org/2000/09/xmldsig#sha256
> >
> > By testing the perl implementation against some live data from working
> > federations I found more URI issues. Should Canonicalization be given as
> >   http://www.w3.org/TR/2001/REC-xml-c14n-20010315#
> > or
> >   http://www.w3.org/TR/2001/REC-xml-c14n-20010315
> >
> > The only difference is the missing hash tag. Xmlsec allows only the one
> > without hash tag. But libxml2 will only output with hashtag.
> >
> > For Transform xmlsec requires the hashtag
> > http://www.w3.org/2001/10/xml-exc-c14n#
> > But refuses the version without hashtag.
> >
> > Could some please enlighten me? Which URI's should I use and why?
> > Which digest and signature algorithms does xmlsec support?
> >
> > Thanks
> >
> > /Ulrich
> >
> >
> > _______________________________________________
> > xmlsec mailing list
> > xmlsec at aleksey.com
> > http://www.aleksey.com/mailman/listinfo/xmlsec
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20130820/1938c132/attachment.html>


More information about the xmlsec mailing list