Re: [dcserver-developer] dcs: Dont Change your Shorts
Status: Alpha
Brought to you by:
robertprince
Menu
▾
▴
Re: [dcserver-developer] dcs: Dont Change your Shorts
|
From: Robert P. <ton...@ya...> - 2001-12-06 02:09:53
|
good question - what i'm planning is: - the CA is made up of several services (such as the KeyManagementService, the KeyGenerationService, the CertManagementService, the CipherService, etc) - each of these services are spec'd out as an API - abstract implementations of each will be created; these abstract implementations go as far as possible using only sun's crypto APIs; thus, they'll be incomplete and not directly usable - concrete subclasses of the abstract implementations will be written, with the missing bits filled in; they will thus be dependent on whatever crypto vendor libs are used in creating them so basically, yes - i want to implement as much as possible using the actual sanctioned (sun) java APIs, and then fill the missing pieces/stubs in with free/purchased packages. the one (only) real bummer here is that sun's jce/crypto extensions DO NOT PROVIDE API METHODS FOR CREATING X.509 CERTIFICATES. it's just fucked up, i don't know why they didn't do it. instantiating certs from streams/files, sure. writing existing certs out to streams/files, sure. but no actual "take this info and this public key and create a new X.509 cert". so, that one part of it will actually be spec'd out in dcs APIs, and filled in with the actual vendor's libs. so the idea is to use free libs if possible. cryptix has everything except the cert creation (doh). iaik has the cert creation, but it's commercial - but, free for non-commercial use. i think dcserver, being an open-source and thus non-commercial project counts, but i'm not sure. i need to look at bouncycastle - it may have the cert creation stuff but i'm not sure. for now i'm using iaik. i've started the design and API creation portion - there are several examples out there for doing most of the CA stuff already, plus some of us have the experience of checking out david s.'s code from ee - he did a partial CA for us. once it's actually done and deployable/usable on dcserver, i think that will be a big deal - probably big enough to get the unwanted interest of the fbi/nsa/etc. ;) - r --- Swi...@ne... wrote: > read my email before yesterday? actually, no. > well, not this one. > > so, security/encryption: > > obviously most of that stuff costs $$$, are you > thinking leaving it an open stub that you can plug > in whatever package you purchase? or are you > thinking, build it, all of it, with java libs? > > > > Robert Prince <ton...@ya...> wrote: > > >okay then, at least 2 people were out of the > country - > >but, uh, you read your email before yesterday, > yeah? > >;) ok, you're back in. > > > >you know, about motivation, i also was kind of > excited > >about this thing at first, and then after i made > some > >progress, reality set in. i guess my short > attention > >span kicked in . . . i'm still tinkering with it, > and > >i'd like to turn it into something cool - i > actually > >do want to make it into an osgi-compliant server, > and > >i would like to make it a web services platform. > but > >what i've been working on a bit actually is a > >certification authority and general encryption > utility > >to be deployed on the thing ;) > > > >- r > > > >--- Swi...@ne... wrote: > >> hey, i was outta the country too... or were you > >> talking about me??? > >> > >> well, ok, flat out, i was really motivated about > >> this when we had our one IM conference. yeah, i > >> know, i still didn't write a line of code, but i > was > >> excited. not as much about the project as about > >> working with you guys, but i WAS excited. > honestly > >> right now my excitement level is somewhere below > >> waking up on monday mornings. don't take that > >> wrong, i actually telecommute on mondays, so it > >> would be much worse if i said waking up on > >> tuesdays... > >> > >> does anyone feel like trying to get together > again > >> for an IM conference? > >> > >> either way, i hope this gets out - of course by > this > >> time i could be talking to the one and only > member > >> of DCS. ;) > >> > >> hope everyone is well. connilee and i got a > >> christmas tree sunday - anyone left in the valley > >> has to come and see it once before the house > catches > >> on fire. > >> > >> merry drinking days, > >> > >> derek > >> > >> Robert Prince <ton...@ya...> wrote: > >> > >> >okay, one person has been out of the country and > so > >> >probably couldn't respond, but the other people > on > >> the > >> >project that have not contacted me are coming > off > >> the > >> >project this morning. let me know if you would > >> like > >> >to be added back. > >> > > >> >- r > >> > > >> > > >> > >__________________________________________________ > >> >Do You Yahoo!? > >> >Buy the perfect holiday gifts at Yahoo! > Shopping. > >> >http://shopping.yahoo.com > >> > > >> >_______________________________________________ > >> >dcserver-developer mailing list > >> >dcs...@li... > >> > >>https://lists.sourceforge.net/lists/listinfo/dcserver-developer > >> > > >> -- > >> > >> > >> > >> > >> > >__________________________________________________________________ > >> Your favorite stores, helpful shopping tools and > >> great gift ideas. Experience the convenience of > >> buying online with Shop@Netscape! > >> http://shopnow.netscape.com/ > >> > >> Get your own FREE, personal Netscape Mail account > >> today at http://webmail.netscape.com/ > >> > > > > > >__________________________________________________ > >Do You Yahoo!? > >Buy the perfect holiday gifts at Yahoo! Shopping. > >http://shopping.yahoo.com > > > -- > > > > > __________________________________________________________________ > Your favorite stores, helpful shopping tools and > great gift ideas. Experience the convenience of > buying online with Shop@Netscape! > http://shopnow.netscape.com/ > > Get your own FREE, personal Netscape Mail account > today at http://webmail.netscape.com/ > > > _______________________________________________ > dcserver-developer mailing list > dcs...@li... > https://lists.sourceforge.net/lists/listinfo/dcserver-developer __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com |
