[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RFC: import gnu.crypto.pki
From: |
Casey Marshall |
Subject: |
RFC: import gnu.crypto.pki |
Date: |
Sun, 17 Oct 2004 10:58:40 -0700 |
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
Hi,
For some time I had been developing the X.509 certificate code in
Classpath (gnu.java.security.x509) in Jessie, and then moved the code
to GNU Crypto. Since then I've improved the code a great deal over the
original version, which is fairly limited and buggy [1]. The version
in GNU Crypto CVS has:
- A much more complete and robust X.509 parser.
- A better, more easily extensible framework.
- An implementation of the certificate path-checking algorithm
described in RFC 3280.
- A large test suite based on NIST's PKITS test suite.
I would like to merge this code back into Classpath, and to maintain
it there. This is desirable, because features of the standard library
(like signed Jar files) depend on having a full X.509 implementation.
It would also be nice to move the PKITS test suite into Mauve (it is
already written to use Mauve's base classes).
Ideally, I think moving everything into Classpath (including GNU
Crypto's algorithms and Jessie's SSL implementation) would be nice,
since then we'd have everything the JDK has, APIs and
implementations. But for now I think the PKI code should go back in.
Comments?
--
Casey Marshall || address@hidden
1. https://savannah.gnu.org/bugs/?func=detailitem&item_id=9947
- RFC: import gnu.crypto.pki,
Casey Marshall <=