[JBoss-dev] BouncyCastle IDEA issues
A concern over use of BouncyCastle as a JCE provider has come up due to its inclusion of the IDEA algorithm implementation that is subject to patent/ip concerns. As far as I know we don't have any explicit or implicit dependency on BouncyCastle even though it has been discussed in the context of WS-Security. If we actually are moving to requiring BouncyCastle I need to know why.

Scott Stark
VP Architecture Technology
JBoss, a division of Red Hat

___
JBoss-Development mailing list
JBoss-Development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-development
Re: [JBoss-dev] BouncyCastle IDEA issues
We need it to support WS-Security on jdk 4. Since, at the time of releasing jbossws 1.0.0, we did not have a US export license, we currently rely on the user to download and install it in their JVM.

-Jason

-----Original Message-----
From: [EMAIL PROTECTED] On Behalf Of Scott M Stark
Sent: Tuesday, June 20, 2006 11:31 AM
To: jboss-development
Subject: [JBoss-dev] BouncyCastle IDEA issues

A concern over use of BouncyCastle as a JCE provider has come up due to its inclusion of the IDEA algorithm implementation that is subject to patent/ip concerns. As far as I know we don't have any explicit or implicit dependency on BouncyCastle even though it has been discussed in the context of WS-Security. If we actually are moving to requiring BouncyCastle I need to know why.
Re: [JBoss-dev] BouncyCastle IDEA issues
I should clarify that this requirement is not on BC in particular, we just need a JCE provider that supports certain digest/encryption algorithms. The SUN JDK 4 provider is missing a few, JDK 5 has them. So if there was an alternate JCE provider, we could recommend that instead. However, I am not aware of any other open source implementations.

On a side note, if we ever decided to generate our own certs (maybe cert tool of some sort), BC has an API for this, so we may eventually want to use it, or some fork without the patent issue.

-Jason

-----Original Message-----
From: [EMAIL PROTECTED] On Behalf Of Jason T. Greene
Sent: Tuesday, June 20, 2006 1:16 PM
To: JBoss.org development list
Subject: Re: [JBoss-dev] BouncyCastle IDEA issues

We need it to support WS-Security on jdk 4. Since, at the time of releasing jbossws 1.0.0, we did not have a US export license, we currently rely on the user to download and install it in their JVM.

-Jason
Re: [JBoss-dev] BouncyCastle IDEA issues
The other place BouncyCastle may be relevant is in invoker encryption as part of the remoting project.

Jason T. Greene wrote:

> We need it to support WS-Security on jdk 4. Since, at the time of releasing jbossws 1.0.0, we did not have a US export license, we currently rely on the user to download and install it in their JVM.
>
> -Jason
Re: [JBoss-dev] BouncyCastle IDEA issues
For what algorithms? We will not be able to bundle the full BC capabilities regardless of export control due to the IP issues. Saying that users have to download it is fine. We just can't bundle it or have a compile time dependency on it.

-----Original Message-----
From: [EMAIL PROTECTED] On Behalf Of Jason T. Greene
Sent: Tuesday, June 20, 2006 11:16 AM
To: JBoss.org development list
Subject: Re: [JBoss-dev] BouncyCastle IDEA issues

We need it to support WS-Security on jdk 4. Since, at the time of releasing jbossws 1.0.0, we did not have a US export license, we currently rely on the user to download and install it in their JVM.

-Jason
Re: [JBoss-dev] BouncyCastle IDEA issues
We need ISO-10126 (random byte) padding for CBC (AES and 3DES).

OK, so we will leave things as they are, just a documentation reference on where to get it.

-Jason

-----Original Message-----
From: [EMAIL PROTECTED] On Behalf Of Scott M Stark
Sent: Tuesday, June 20, 2006 1:35 PM
To: JBoss.org development list
Subject: Re: [JBoss-dev] BouncyCastle IDEA issues

For what algorithms? We will not be able to bundle the full BC capabilities regardless of export control due to the IP issues. Saying that users have to download it is fine. We just can't bundle it or have a compile time dependency on it.
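
Added example, not part of the thread and not JBoss code: one way to meet the two constraints discussed above (ISO 10126 padding for AES and 3DES in CBC mode, and no compile-time dependency on any particular provider) is to probe the installed JCE providers at startup and load an optional provider by class name only. The class name `Iso10126ProviderCheck` is hypothetical, and the code assumes a current JDK rather than JDK 1.4.

```java
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;

public class Iso10126ProviderCheck {
    // The two transformations named in the thread: CBC with ISO 10126 padding.
    static final String[] REQUIRED = {
        "AES/CBC/ISO10126Padding", "DESede/CBC/ISO10126Padding" };

    // Optional provider the user may have installed. It is referenced by name
    // only, so this class compiles and runs without the BouncyCastle jar.
    static final String OPTIONAL_PROVIDER =
        "org.bouncycastle.jce.provider.BouncyCastleProvider";

    /** Returns the name of the provider serving the transformation, or null. */
    static String providerFor(String transformation) {
        try {
            return Cipher.getInstance(transformation).getProvider().getName();
        } catch (GeneralSecurityException e) {
            // NoSuchAlgorithmException or NoSuchPaddingException: not available
            return null;
        }
    }

    /** Registers the optional provider if the user put it on the classpath. */
    static boolean tryRegisterOptionalProvider() {
        try {
            Object p = Class.forName(OPTIONAL_PROVIDER)
                            .getDeclaredConstructor().newInstance();
            return Security.addProvider((Provider) p) != -1;
        } catch (ReflectiveOperationException | LinkageError e) {
            return false; // jar not present or not loadable
        }
    }

    public static void main(String[] args) {
        for (String t : REQUIRED) {
            String name = providerFor(t);
            if (name == null && tryRegisterOptionalProvider()) {
                name = providerFor(t); // retry with the optional provider
            }
            if (name == null) {
                throw new IllegalStateException("No installed JCE provider supports "
                    + t + "; install one that does (see the documentation).");
            }
            System.out.println(t + " -> " + name);
        }
    }
}
```

Failing at startup with the missing transformation in the message points the operator at the documentation instead of surfacing a `NoSuchPaddingException` on the first encrypted message.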