[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Help and input needed

From: Casey Marshall
Subject: Re: Help and input needed
Date: Tue, 16 Dec 2003 15:06:03 -0800
User-agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.2 (gnu/linux)

Hash: SHA1

>>>>> "Mark" == Mark Wielaard <address@hidden> writes:

Mark> [...]

Mark> As you can see very little coding, reviewing or even testing of
Mark> code :( My new year resolution will be: Less talking, More
Mark> coding!

There's a few things relating to the security/crypto bits of Classpath
and friends that I'd like to mention, and get opinions on:

  - Jessie looks like it will become a GNU package someday, but there
    is still some question of where it should go. Suggestions include

       * Classpathx, but Nic has indicated that he thinks Classpathx
         would be better off in Classpath proper.

       * Classpath, possibly as an optional/sub- project.

       * On its own, all by its lonesome.

    Above all I'd like to see this project keep some level of
    independence from Classpath, so it can evolve at its own pace.

  - I've been extending the X.509 classes I put into Classpath a while
    ago to complete the PKI platform with things such as
    CertPathValidator implementations, and have started implementing
    NIST's giant PKI test suite [1] around Mauve. There is a *totally*
    unofficial tarball of this at [2] (the username is "pki" and the
    password "gnupki" -- I don't want Joe Searchengine downloading
    this quite yet). I currently have 73 tests (out of hundreds)
    implemented, and they all pass.

    The questions here are similar to those for Jessie: where should
    this go?

    The PKIX standard is giant and complicated. Anyone with copious
    spare time (...) is welcome to help.

  - Classpath, Jessie, and the GNU PKI packages all have their own
    copies of some simple ASN.1 DER codec classes. This isn't good.
    Some sort of grand unified ASN.1 library would be nice to have.

  - KeyStores. We have a brand-new keyring format in GNU Crypto, and
    attached is a minimal read-only version for public keyrings.

  - Policy files. I have been working on and off on an implementation
    of that reads JDK-style policy files. I've
    attached my current version.

  - javax.crypto and should go into Classpath, in my

  - My own list for future additions include

      * Kerberos and GSSAPI.
      * OpenPGP.
      * Keytool and jarsigner equivalents.

- ---

- -- 
Casey Marshall || address@hidden
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.7 <>


Description: Text document

Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]