Hi Tom,
I've been trying out your DK signing mailet - thanks for your hard work. Some
feedback:
I've downgraded the code (or at least the areas I'm using) to Java 1.4. I've also changed the
temporary file handling a little - the mailet (or more specifically GenericSigner and
GenericVerifier) do not seem to close or delete the temporary file, which in a long running process
may prove to be problematic. I added a finally block to do this in each of the classes above.
Otherwise, the mailet seems to be working well so far.
Ciao,
Craig
Tom Brown wrote:
Thanks for the feedback!
1) If there are alternatives to using the sun.* classes, I'd be happy
to use them! However, I'm not that experienced with java cryptography
features, and for some reason, it would only work when the key stuff
was directly instantiated.
2) I was unaware that the StringBuilder was only available in java 5.
(I guess I should have done my homework). However, I don't know of any
other parts of the code that are java 5 only, but I guess I'd have to
try and compile it with an older JDK to find out...
3) I believe this is a full implementation. The Yahoo! site links to a
revision 3 of the specification (broken link), but I was using
revision 6 that I found somewhere.
4) I am very interested in upgrading the DK suite to DKIM. They are
similar in a lot of ways, though not exact. The DKIM spec is about
twice as long as the DK spec, and has more options-- but it's the same
principles.
Q. does Yahoo! have a compliance test suite?
A. I couldn't ever find one. However, I did find some public mail
servers advertising to test the DK implementation. I had a lot of
success when using:
http://www.skylist.com/resources/authentication.php
Tom
On 12/31/06, Stefano Bagnara <[EMAIL PROTECTED]> wrote:
Tom Brown wrote:
> I have submitted the code via JIRA. I believe it's issue #12359570.
>
> Tom
First of all, thank you! It's always cool to receive code contributions!
I gave the code a really fast review and I have some comment/question:
1) I noticed a class using 2 sun.* classes.
import sun.misc.BASE64Decoder;
import sun.security.rsa.RSAPublicKeyImpl;
That code is tied to the SUN libraries.
What about using a KeyFactory to generate the RSA public key?
http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyFactory.html
2) I see you use StringBuilder so the code is tied to Java5. If we want
to make it releasable with current James we have to backport it to Java2
1.4 (replace it with StringBuffer). Is there anything else depending on
java5 ?
3) I don't know the DK specification: is it fully supported by this
code? or is it a partial implementation?
4) I don't know what are the differences between DK and DKIM: do you
plan to work also on DKIM or in any way support DKIM, too?
Stefano
PS: Robert, is this work somehow related to the reorganization of crypto
code (SMIME/PGP) discussed here
http://issues.apache.org/jira/browse/JAMES-596 ?
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
