XML News from Wednesday, February 11, 2004

Who else noticed that the latest Microsoft security hole was really an bug in their ASN.1 implementation? In theory text and binary formats are isomprophic and equivalent. In practice text formats in general (and XML formats in particular) are simpler, easier-to-use, easier-to-debug and less prone to security problems. Also of note was that it took Microsoft six months to fix this problem. Somehow I suspect that even if a security hole were found in Xerces or libxml, it wouldn't take their vendors half a year before releasing a patch.


The Software Development West 2004 Expo in Santa Clara next month (March 15-19) is looking for a few more volunteers to man doors, distribute notes, and similar tasks. For each day a you volunteer you get to attend the conference for a day free, and most volunteer days involve nothing more than sitting in the back of the room listenting to the presentation, and collecting eval forms at the end; so really, it's a nice way to attend the show for free.


Valéry Febvre has posted PyXMLSec 0.2.0, a set of Python bindings for the XML Security Library. This is published under the GPL.