Re: Help and input needed

classpath

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Help and input needed

From:	Casey Marshall
Subject:	Re: Help and input needed
Date:	Tue, 16 Dec 2003 15:06:03 -0800
User-agent:	Gnus/5.1002 (Gnus v5.10.2) Emacs/21.2 (gnu/linux)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "Mark" == Mark Wielaard <address@hidden> writes:

Mark> [...]

Mark> As you can see very little coding, reviewing or even testing of
Mark> code :( My new year resolution will be: Less talking, More
Mark> coding!

There's a few things relating to the security/crypto bits of Classpath
and friends that I'd like to mention, and get opinions on:

  - Jessie looks like it will become a GNU package someday, but there
    is still some question of where it should go. Suggestions include

       * Classpathx, but Nic has indicated that he thinks Classpathx
         would be better off in Classpath proper.

       * Classpath, possibly as an optional/sub- project.

       * On its own, all by its lonesome.

    Above all I'd like to see this project keep some level of
    independence from Classpath, so it can evolve at its own pace.

  - I've been extending the X.509 classes I put into Classpath a while
    ago to complete the PKI platform with things such as
    CertPathValidator implementations, and have started implementing
    NIST's giant PKI test suite [1] around Mauve. There is a *totally*
    unofficial tarball of this at [2] (the username is "pki" and the
    password "gnupki" -- I don't want Joe Searchengine downloading
    this quite yet). I currently have 73 tests (out of hundreds)
    implemented, and they all pass.

    The questions here are similar to those for Jessie: where should
    this go?

    The PKIX standard is giant and complicated. Anyone with copious
    spare time (...) is welcome to help.

  - Classpath, Jessie, and the GNU PKI packages all have their own
    copies of some simple ASN.1 DER codec classes. This isn't good.
    Some sort of grand unified ASN.1 library would be nice to have.

  - KeyStores. We have a brand-new keyring format in GNU Crypto, and
    attached is a minimal read-only version for public keyrings.

  - Policy files. I have been working on and off on an implementation
    of java.security.Policy that reads JDK-style policy files. I've
    attached my current version.

  - javax.crypto and javax.net.ssl should go into Classpath, in my
    opinion.

  - My own list for future additions include

      * Kerberos and GSSAPI.
      * OpenPGP.
      * Keytool and jarsigner equivalents.

- ---
[1] http://csrc.nist.gov/pki/testing/x509paths.html
[2] http://metastatic.org/source/gnu-pki/

- -- 
Casey Marshall || address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/>

iD8DBQE/349wgAuWMgRGsWsRAt6OAJ9G+nmGO5e2LNtlg8Fzk3XDr9JgLgCfXUed
dX6Agjacd3S2QrBD+uf+Qxo=
=RMwn
-----END PGP SIGNATURE-----

GnuKeyring.java
Description: Text document

PolicyFile.java
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

Help and input needed, Mark Wielaard, 2003/12/14
- Re: Help and input needed, Dalibor Topic, 2003/12/16
  - Re: Help and input needed, Mark Wielaard, 2003/12/20
    - Re: Help and input needed, Dalibor Topic, 2003/12/24
- Re: Help and input needed, Casey Marshall <=
- Re: Help and input needed, Patrik Reali, 2003/12/15
  - Re: Help and input needed, Dalibor Topic, 2003/12/16

Prev by Date: Re: AWT peers (Was: [PATCH] More List fixes)
Next by Date: Re: AWT peers (Was: [PATCH] More List fixes)
Previous by thread: Re: Help and input needed
Next by thread: Re: Help and input needed
Index(es):
- Date
- Thread