Bob, I am gratified to see this effort on Fedora - it is sorely needed. However, there is one area of coverage that is missing in this effort: that of Java developers.
As you know, Java has its own keystore and APIs for the same functions (with some limitations) that NSS offers. While Java developers have to currently deal with multiple keystores (beyond the JKS), it at least gives them some consistency across platforms - which is a great benefit. Given that the Fedora community is embarking on an effort to consolidate crypto keystores and libraries, it would make sense to take the needs of the Java community also into consideration in the design and implementation. While you will rightly point out that JSS provides that capability today, unfortunately, the JSS API is quite different from the JCE API and requires application-level porting. What would be ideal is for JSS to evolve into becoming just another pluggable JCE Provider and hide the access to the consolidated Fedora crypto keystore/library behind that interface. You will then be doing two communities a great service. I'm looking forward to seeing this work come to fruition; you can count on my support. Arshad Noor StrongAuth, Inc. Robert Relyea wrote: >> It's part of the Fedora Crypto Consolidation project: >> http://fedoraproject.org/wiki/FedoraCryptoConsolidation _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
