Re: [dcserver-developer] dcs: Dont Change your Shorts
Status: Alpha
Brought to you by:
robertprince
Menu
▾
▴
Re: [dcserver-developer] dcs: Dont Change your Shorts
|
From: Robert P. <ton...@ya...> - 2001-12-06 03:49:57
|
yepper . . . i expect the rest to follow suit though and provide implementations of aes/rijndael . . . interesting that the us govt just recently now decided that 128 bit was too weak, and maybe 256 bit would be a better standard for use with commerce ;) have any of you folks ever used or investigated the eToken from alladin? interesting bit of hardware . . . - r --- Michael Olive <mik...@ya...> wrote: > Noticed that besides RSA, IAIK seems to be the only > other to implement AES. > > > --- Robert Prince <ton...@ya...> wrote: > > good question - what i'm planning is: > > > > - the CA is made up of several services (such as > the > > KeyManagementService, the KeyGenerationService, > the > > CertManagementService, the CipherService, etc) > > - each of these services are spec'd out as an API > > - abstract implementations of each will be > created; > > these abstract implementations go as far as > possible > > using only sun's crypto APIs; thus, they'll be > > incomplete and not directly usable > > - concrete subclasses of the abstract > implementations > > will be written, with the missing bits filled in; > they > > will thus be dependent on whatever crypto vendor > libs > > are used in creating them > > > > so basically, yes - i want to implement as much as > > possible using the actual sanctioned (sun) java > APIs, > > and then fill the missing pieces/stubs in with > > free/purchased packages. > > > > the one (only) real bummer here is that sun's > > jce/crypto extensions DO NOT PROVIDE API METHODS > FOR > > CREATING X.509 CERTIFICATES. it's just fucked up, > i > > don't know why they didn't do it. instantiating > certs > > from streams/files, sure. writing existing certs > out > > to streams/files, sure. but no actual "take this > info > > and this public key and create a new X.509 cert". > so, > > that one part of it will actually be spec'd out in > dcs > > APIs, and filled in with the actual vendor's libs. > > > > so the idea is to use free libs if possible. > cryptix > > has everything except the cert creation (doh). > iaik > > has the cert creation, but it's commercial - but, > free > > for non-commercial use. i think dcserver, being > an > > open-source and thus non-commercial project > counts, > > but i'm not sure. i need to look at bouncycastle > - it > > may have the cert creation stuff but i'm not sure. > > > for now i'm using iaik. > > > > i've started the design and API creation portion - > > there are several examples out there for doing > most of > > the CA stuff already, plus some of us have the > > experience of checking out david s.'s code from ee > - > > he did a partial CA for us. once it's actually > done > > and deployable/usable on dcserver, i think that > will > > be a big deal - probably big enough to get the > > unwanted interest of the fbi/nsa/etc. ;) > > > > - r > > > > --- Swi...@ne... wrote: > > > read my email before yesterday? actually, no. > > > well, not this one. > > > > > > so, security/encryption: > > > > > > obviously most of that stuff costs $$$, are you > > > thinking leaving it an open stub that you can > plug > > > in whatever package you purchase? or are you > > > thinking, build it, all of it, with java libs? > > > > > > > > > > > > Robert Prince <ton...@ya...> wrote: > > > > > > >okay then, at least 2 people were out of the > > > country - > > > >but, uh, you read your email before yesterday, > > > yeah? > > > >;) ok, you're back in. > > > > > > > >you know, about motivation, i also was kind of > > > excited > > > >about this thing at first, and then after i > made > > > some > > > >progress, reality set in. i guess my short > > > attention > > > >span kicked in . . . i'm still tinkering with > it, > > > and > > > >i'd like to turn it into something cool - i > > > actually > > > >do want to make it into an osgi-compliant > server, > > > and > > > >i would like to make it a web services > platform. > > > but > > > >what i've been working on a bit actually is a > > > >certification authority and general encryption > > > utility > > > >to be deployed on the thing ;) > > > > > > > >- r > > > > > > > >--- Swi...@ne... wrote: > > > >> hey, i was outta the country too... or were > you > > > >> talking about me??? > > > >> > > > >> well, ok, flat out, i was really motivated > about > > > >> this when we had our one IM conference. > yeah, i > > > >> know, i still didn't write a line of code, > but i > > > was > > > >> excited. not as much about the project as > about > > > >> working with you guys, but i WAS excited. > > > honestly > > > >> right now my excitement level is somewhere > below > > > >> waking up on monday mornings. don't take > that > > > >> wrong, i actually telecommute on mondays, so > it > > > >> would be much worse if i said waking up on > > > >> tuesdays... > > > >> > > > >> does anyone feel like trying to get together > > > again > > > >> for an IM conference? > > > >> > > > >> either way, i hope this gets out - of course > by > > > this > > > >> time i could be talking to the one and only > > > member > > > >> of DCS. ;) > > > >> > > > >> hope everyone is well. connilee and i got a > > > >> christmas tree sunday - anyone left in the > valley > > > >> has to come and see it once before the house > > > catches > > > >> on fire. > > > >> > > > >> merry drinking days, > > > >> > > > >> derek > > > >> > > > >> Robert Prince <ton...@ya...> wrote: > > > >> > > > >> >okay, one person has been out of the country > and > > > so > > > >> >probably couldn't respond, but the other > people > > > on > > > >> the > > > >> >project that have not contacted me are > coming > > > off > > > >> the > > > >> >project this morning. let me know if you > would > > > >> like > > > >> >to be added back. > > > >> > > > > >> >- r > > > >> > > > > >> > > > > >> > > > > >__________________________________________________ > > > >> >Do You Yahoo!? > > > >> >Buy the perfect holiday gifts at Yahoo! > > > Shopping. > > > >> >http://shopping.yahoo.com > > > >> > > > > >> > >_______________________________________________ > > > >> >dcserver-developer mailing list > > > >> >dcs...@li... > > > >> > > > > > > >>https://lists.sourceforge.net/lists/listinfo/dcserver-developer > > > >> > > > > >> -- > > > >> > > > >> > > > >> > > > >> > > > >> > > > > > > >__________________________________________________________________ > > > >> Your favorite stores, helpful shopping tools > and > > > >> great gift ideas. Experience the convenience > of > > > >> buying online with Shop@Netscape! > > > >> http://shopnow.netscape.com/ > > > >> > > > >> Get your own FREE, personal Netscape Mail > account > > > >> today at http://webmail.netscape.com/ > > > >> > > > > > > > > > > > > >__________________________________________________ > > > >Do You Yahoo!? > > > >Buy the perfect holiday gifts at Yahoo! > Shopping. > > > >http://shopping.yahoo.com > > > > > > > -- > > > > > > > > > > > > > > > > > > __________________________________________________________________ > > > Your favorite stores, helpful shopping tools and > > > great gift ideas. Experience the convenience of > > > buying online with Shop@Netscape! > > > http://shopnow.netscape.com/ > > > > > > Get your own FREE, personal Netscape Mail > account > > > today at http://webmail.netscape.com/ > > > > > > > > > _______________________________________________ > > > dcserver-developer mailing list > > > === message truncated === > > > ===== > Michael C. Olive > > __________________________________________________ > Do You Yahoo!? > Send your FREE holiday greetings online! > http://greetings.yahoo.com __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com |
