I've had trouble with the binary-only o3-xml. Despite the current native implementation, SAX is way more efficient. Also, random XML resources on the Web tend to break and using a tolerant parser supports Postel's Law.
Related notes: I'm currently refurbishing node-crypto for enhanced key management. Will you be at Federated Social Web Berlin tomorrow?
ostatus.webfinger: use sax instead of o3-xml
ostatus.hcard: use sax instead of o3-xml
package.json: req sax >=0.1.2
ostatus.hcard: fix parsing
ostatus.as: use sax instead of o3-xml
Awesome ! Looks good to me. I did not have much time to test this, so I just merged and we'll see how it goes. I've also removed the dependency on O3 from package.json (which I think break salmon for now but can be easily fixed as well).