| <?xml version="1.0" encoding="UTF-8"?> |
| <!DOCTYPE document PUBLIC "-//APACHE//DTD Documentation V1.1//EN" "document-v11.dtd" |
| [ |
| <!ENTITY % xmlsec_entities SYSTEM "./xmlsec_entities.ent"> |
| %xmlsec_entities; |
| ]> |
| <!-- |
| Copyright 2003-2004 The Apache Software Foundation |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <document> |
| <header> |
| <title>Downloading the Libraries</title> |
| </header> |
| <body> |
| <section> |
| <title>Obtaining the Libraries</title> |
| <p> |
| Source and binrary distributions for both the Java and C++ libraries |
| are available from from the |
| <jump href="http://xml.apache.org/security/dist/"> |
| XML project site</jump> only. Current |
| distributions are <em>not</em> available from the mirrors. |
| </p> |
| </section> |
| <section> |
| <title>Validating Distribution Signatures</title> |
| <p> |
| All distributions are provided with signature <em>.sig</em> files. |
| These contain PGP signatures for the related distribution. |
| You should validate these using the keys found in the |
| <jump href="http://www.apache.org/dist/xml/security/KEYS"> |
| key file</jump> downloaded from the Apache site. |
| </p> |
| <p/> |
| <!-- |
| This is not valid if the mirror is not available |
| <warning> |
| You should always use a key file downloaded from the Apache site |
| directly rather than from a mirror. |
| </warning> |
| --> |
| <p> |
| Verification can be performed using : |
| </p> |
| <source> |
| % pgpk -a KEYS |
| % pgpv xml-security-bin-1_2_1.zip.sig |
| <em>or</em> |
| % pgp -ka KEYS |
| % pgp xml-security-bin-1_2_1.zip.sig |
| <em>or</em> |
| % gpg --import KEYS |
| % gpg --verify xml-security-bin-1_2_1.zip.sig |
| </source> |
| </section> |
| <section> |
| <title>CVS Download</title> |
| <p> |
| For the adventurous, this project's CVS repository can be checked |
| out through anonymous (pserver) CVS with the following instruction |
| set. When prompted for a password for anonymous, simply enter |
| "anoncvs" without quotes: |
| </p> |
| <source>cvs -d :pserver:anoncvs@cvs.apache.org:/home/cvspublic login |
| password: anoncvs |
| cvs -d :pserver:anoncvs@cvs.apache.org:/home/cvspublic checkout |
| xml-security |
| </source> |
| </section> |
| </body> |
| </document> |
| |
| |
| |
| |
| <!-- Keep this comment at the end of the file |
| Local variables: |
| mode: xml |
| sgml-omittag:nil |
| sgml-shorttag:nil |
| sgml-namecase-general:nil |
| sgml-general-insert-case:lower |
| sgml-minimize-attributes:nil |
| sgml-always-quote-attributes:t |
| sgml-indent-step:2 |
| sgml-indent-data:t |
| sgml-parent-document:nil |
| sgml-exposed-tags:nil |
| sgml-local-catalogs:nil |
| sgml-local-ecat-files:nil |
| End: |
| --> |