RE: Re: [dcserver-developer] dcs: Dont Change your Shorts
Status: Alpha
Brought to you by:
robertprince
Menu
▾
▴
RE: Re: [dcserver-developer] dcs: Dont Change your Shorts
|
From: <Swi...@ne...> - 2001-12-06 04:02:19
|
mike olive?!?! holy shit, i didn't know you were lurking around here! sweet! hey! so that is pretty fucked up that the jca doesn't define creating an x.509 - another gaping hole courtesy of sun. hehehheh - you know, we should ALL be working over there. robert, you're fooling yourself if you think the NSA ever took their eye off you in the first place... :-) so what have you built of this so far? Michael Olive <mik...@ya...> wrote: >Noticed that besides RSA, IAIK seems to be the only >other to implement AES. > > >--- Robert Prince <ton...@ya...> wrote: >> good question - what i'm planning is: >> >> - the CA is made up of several services (such as the >> KeyManagementService, the KeyGenerationService, the >> CertManagementService, the CipherService, etc) >> - each of these services are spec'd out as an API >> - abstract implementations of each will be created; >> these abstract implementations go as far as possible >> using only sun's crypto APIs; thus, they'll be >> incomplete and not directly usable >> - concrete subclasses of the abstract implementations >> will be written, with the missing bits filled in; they >> will thus be dependent on whatever crypto vendor libs >> are used in creating them >> >> so basically, yes - i want to implement as much as >> possible using the actual sanctioned (sun) java APIs, >> and then fill the missing pieces/stubs in with >> free/purchased packages. >> >> the one (only) real bummer here is that sun's >> jce/crypto extensions DO NOT PROVIDE API METHODS FOR >> CREATING X.509 CERTIFICATES. it's just fucked up, i >> don't know why they didn't do it. instantiating certs >> from streams/files, sure. writing existing certs out >> to streams/files, sure. but no actual "take this info >> and this public key and create a new X.509 cert". so, >> that one part of it will actually be spec'd out in dcs >> APIs, and filled in with the actual vendor's libs. >> >> so the idea is to use free libs if possible. cryptix >> has everything except the cert creation (doh). iaik >> has the cert creation, but it's commercial - but, free >> for non-commercial use. i think dcserver, being an >> open-source and thus non-commercial project counts, >> but i'm not sure. i need to look at bouncycastle - it >> may have the cert creation stuff but i'm not sure. >> for now i'm using iaik. >> >> i've started the design and API creation portion - >> there are several examples out there for doing most of >> the CA stuff already, plus some of us have the >> experience of checking out david s.'s code from ee - >> he did a partial CA for us. once it's actually done >> and deployable/usable on dcserver, i think that will >> be a big deal - probably big enough to get the >> unwanted interest of the fbi/nsa/etc. ;) >> >> - r >> >> --- Swi...@ne... wrote: >> > read my email before yesterday? actually, no. >> > well, not this one. >> > >> > so, security/encryption: >> > >> > obviously most of that stuff costs $$$, are you >> > thinking leaving it an open stub that you can plug >> > in whatever package you purchase? or are you >> > thinking, build it, all of it, with java libs? >> > >> > >> > >> > Robert Prince <ton...@ya...> wrote: >> > >> > >okay then, at least 2 people were out of the >> > country - >> > >but, uh, you read your email before yesterday, >> > yeah? >> > >;) ok, you're back in. >> > > >> > >you know, about motivation, i also was kind of >> > excited >> > >about this thing at first, and then after i made >> > some >> > >progress, reality set in. i guess my short >> > attention >> > >span kicked in . . . i'm still tinkering with it, >> > and >> > >i'd like to turn it into something cool - i >> > actually >> > >do want to make it into an osgi-compliant server, >> > and >> > >i would like to make it a web services platform. >> > but >> > >what i've been working on a bit actually is a >> > >certification authority and general encryption >> > utility >> > >to be deployed on the thing ;) >> > > >> > >- r >> > > >> > >--- Swi...@ne... wrote: >> > >> hey, i was outta the country too... or were you >> > >> talking about me??? >> > >> >> > >> well, ok, flat out, i was really motivated about >> > >> this when we had our one IM conference. yeah, i >> > >> know, i still didn't write a line of code, but i >> > was >> > >> excited. not as much about the project as about >> > >> working with you guys, but i WAS excited. >> > honestly >> > >> right now my excitement level is somewhere below >> > >> waking up on monday mornings. don't take that >> > >> wrong, i actually telecommute on mondays, so it >> > >> would be much worse if i said waking up on >> > >> tuesdays... >> > >> >> > >> does anyone feel like trying to get together >> > again >> > >> for an IM conference? >> > >> >> > >> either way, i hope this gets out - of course by >> > this >> > >> time i could be talking to the one and only >> > member >> > >> of DCS. ;) >> > >> >> > >> hope everyone is well. connilee and i got a >> > >> christmas tree sunday - anyone left in the valley >> > >> has to come and see it once before the house >> > catches >> > >> on fire. >> > >> >> > >> merry drinking days, >> > >> >> > >> derek >> > >> >> > >> Robert Prince <ton...@ya...> wrote: >> > >> >> > >> >okay, one person has been out of the country and >> > so >> > >> >probably couldn't respond, but the other people >> > on >> > >> the >> > >> >project that have not contacted me are coming >> > off >> > >> the >> > >> >project this morning. let me know if you would >> > >> like >> > >> >to be added back. >> > >> > >> > >> >- r >> > >> > >> > >> > >> > >> >> > >__________________________________________________ >> > >> >Do You Yahoo!? >> > >> >Buy the perfect holiday gifts at Yahoo! >> > Shopping. >> > >> >http://shopping.yahoo.com >> > >> > >> > >> >_______________________________________________ >> > >> >dcserver-developer mailing list >> > >> >dcs...@li... >> > >> >> > >> >>https://lists.sourceforge.net/lists/listinfo/dcserver-developer >> > >> > >> > >> -- >> > >> >> > >> >> > >> >> > >> >> > >> >> > >> >__________________________________________________________________ >> > >> Your favorite stores, helpful shopping tools and >> > >> great gift ideas. Experience the convenience of >> > >> buying online with Shop@Netscape! >> > >> http://shopnow.netscape.com/ >> > >> >> > >> Get your own FREE, personal Netscape Mail account >> > >> today at http://webmail.netscape.com/ >> > >> >> > > >> > > >> > >__________________________________________________ >> > >Do You Yahoo!? >> > >Buy the perfect holiday gifts at Yahoo! Shopping. >> > >http://shopping.yahoo.com >> > > >> > -- >> > >> > >> > >> > >> > >> __________________________________________________________________ >> > Your favorite stores, helpful shopping tools and >> > great gift ideas. Experience the convenience of >> > buying online with Shop@Netscape! >> > http://shopnow.netscape.com/ >> > >> > Get your own FREE, personal Netscape Mail account >> > today at http://webmail.netscape.com/ >> > >> > >> > _______________________________________________ >> > dcserver-developer mailing list >> >=== message truncated === > > >===== >Michael C. Olive > >__________________________________________________ >Do You Yahoo!? >Send your FREE holiday greetings online! >http://greetings.yahoo.com > >_______________________________________________ >dcserver-developer mailing list >dcs...@li... >https://lists.sourceforge.net/lists/listinfo/dcserver-developer > -- __________________________________________________________________ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ |
