Crypto Requirements for all SSL and GSI Security Dependencies
--------------------------------------------------------------
Key: AIRAVATA-7
URL: https://issues.apache.org/jira/browse/AIRAVATA-7
Project: Airavata
Issue Type: Task
Reporter: Suresh Marru
The ASF instructions for Cryptography [1] explicitly state "PMCs considering
including cryptographic functionality within their products or specially
designing their products to use other software with cryptographic functionality
should take the following steps before placing such code on any ASF server,
including commits to subversion :"
Airavata software have library dependencies which use SSL, GSI [2] for Securing
Web Services, Authenticating and Authorizing with Grid and Cloud resources.
Security library dependencies includes puretls [3] (need to deprecated),
BouncyCastle [4], Java Security [5],OAuth [6] and Cryptix [7]
We need to follow the instructions on [1] and verify all the steps are followed.
[1] - http://www.apache.org/dev/crypto.html
[2] - http://www.globus.org/security/overview.html
[3] - http://www.rtfm.com/puretls/
[4] - http://www.bouncycastle.org/
[5] - http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html
[6] - https://code.google.com/p/oauth/
[7] - http://www.cryptix.org/
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
