Jump to navigation

Poupou's Corner of the Web

Looking for perfect security? Try a wireless brick.
Otherwise you may find some unperfect stuff here...

Weblog

My own blog - from A to Z

It's been two weeks since I started blogging (somewhat privately until now). I searched to a good simple tool and found that there are way TOO much blog tools available. However I didn't find the right tool for me (what a lame excuse for rolling my own ;-). I just wanted a simple, free, Windows rich-client application that could upload my blog via ftp. I had a near-miss with Blog 7.1 but it didn't support RSS :-(.

Am I alone using (or hoping for) such kind of blog software ?


9/30/2003 19:52:47 | Comments | Permalink

Are WS-* specs complete ?

Well after (too) much reading I still haven't found exactly how to use UsernameToken to sign a SOAP message. This is definitively not part of the original WS-Security specification (where UsernameToken is defined) or addendum but there is a rough and incomplete description about it in WS-Trust. So far I'd no luck implementing this for Mono::. I guess it's time to ask the newsgroups :-(


9/27/2003 16:06:32 | Comments | Permalink

XKMS memories

It seems that my two old articles on XKMS version 1.0 have been "semi-retired" from VeriSign's XML Trust Center. This is the proof that no one should trust the web memory ;-). Here are local links to copy of both outdated articles: Part I : Building a XKMS client using the .NET Framework and Part II: Building a XKMS service using ASP.NET.


9/24/2003 18:16:10 | Comments | Permalink

StrongName in Mono ? not just yet

I finally found the way to duplicate the undocumented (not found in MSDN's Unmanaged API Reference but present in StrongName.h) GetHashFromAssemblyFile results. It was simpler than expected as it only hash the metadata inside a PE file.

This gives me a way to compare if two assembly are identical except for their signature (like sn -D asm1 asm2). However it seems to be unrelated to the hash used to sign assemblies :-(. So it's not over yet...


9/21/2003 18:53:06 | Comments | Permalink

Authenticode support in Mono::

Well it's now official on Mono home page - you can sign and verify Authenticode® compatible signatures using 100% managed and open source code. That's right you can now sign Windows executable files (EXE, DLL, OCX...) under Linux, FreeBSD and other operating systems supported by Mono::. I guess I should concentrate on strongname support now.


9/18/2003 16:12:09 | Comments | Permalink

The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.