Eric Rescorla wrote: > > This didn't make it out the first time so I'm resending... > > I'm looking at what needs to be done to make the 3.3 SSL portablity > stuff work properly with Coyote. For the most part, this work has been > done--if you set the SSLImplementation appropriately and the correct > factory gets invoked. However, there appear to be some issues with > CoyoteServerSocketFactory and it's handling of configuration > directives: > > (1) CoyoteServerSocketFactory appears to be willing to handle a > "socketFactoryName". AFAICT, this is supplanted by SSLImplementation > and none of the other code does anything with it. Any reason not to > remove support for this directive entirely? > > (2) JSSE uses one keyfile (the keystore). PureTLS uses three, the > keyfile, the CA file, and the random file. I need to add new > directives to ServerSocketFactory to propagate those. >
Erik - any chance of implementing this with a generic certificate/key factory so that the SocketFactory doesn't just rely on the default keystore? > Does anyone object to these changes? > > -Ekr > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>