Geir Magnusson Jr wrote:
Tim Ellison wrote:
Geir Magnusson Jr wrote:
I'm integrating HARMONY-536, the JSSE provider. Two things:
1) it's contributed to go into x-net, but the package namespace is
o.a.h.security.provider.jsse
so I wonder if this would be better off in the security module. If not,
we are stuck because we don't have a 'negative' patternset for jar
packaging, so it's getting sucked into security jar right now anyway :)
IMHO it should be in x-net. Can't you rename the package?
Of course. Something was going to get moved, just wanted to see any
other opinions..
2) I have a little test proggie that shows that it's negotiating w/ the
other side, but given we have no cacerts, it whines and gives up. (It's
a reasonable whine...) Lazily and naively, I threw the cacerts from
Sun's JRE into jre/lib/security and prayed, but the security deities are
not smiling on me today. So, where does/what format/etc/etc should our
root cert file go?
Dunno. I know you were just playing, but AIUI the use of root
certificates for popular CA's cost $'s don't they?
I didn't think so. I thought that they gave the root certs away because
the value of a cert provider is directly proportional to the amount of
software out there that can understand it's certs...
Hi Geir,
I think you are right. The kind of information we would want to have in
a Harmony cacerts file is available from CA web sites (e.g. Verisign and
Thawte). Inclusion of Thawte root certs requires accepting their license
which is available on the repository access page [1]. It seems pretty
harmless (famous last words).
I guess that in order to build our own Harmony cacerts file we would
need to retrieve the root certs information from each CA in turn being
careful to check out the terms of any associated licenses.
Best regards,
George
[1] http://www.thawte.com/roots/index.html
Hopefully Boris will enlighten us to the format used.
Regards,
Tim
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]