Can you please drop an email to wss4j-dev (specifically addressed to werner?). Also please look at juice code base (http://svn.apache.org/repos/asf/incubator/juice/).
thanks, dims On 7/10/06, Vivek Lakshmanan <[EMAIL PROTECTED]> wrote:
Davanum Srinivas wrote: > how about this for a start? > http://mail-archives.apache.org/mod_mbox/ws-fx-dev/200403.mbox/[EMAIL PROTECTED] > Thanks for the link and sorry for the delayed response. Couple of quick questions though: 1) Since that message is a bit dated, is it possible to get an update on this? Since support for RSA-OAEP, and a lot of the signature algorithms has been integrated in JDK 1.5, it seems the only reasons to require any external JCE provider at all would be to support a larger range of key-sizes for symmetric encryption not provided by the JDK. Is this deduction accurate? 2) In addition, there are some inconsistencies in the behaviour of Bouncycastle and other crypto providers (including the JDK) which seem to make the Axis/wss4j code (somewhat accidentally) dependent on Bouncycastle. From my inspection, these are minor things like algorithm transformations/names etc. Are there any deeper issues I have missed in my assessment? If the stumbling blocks are limited to what I mentioned above, then it probably wont require a lot of effort to make Axis more crypto-provider agnostic. Thanks, Vivek
-- Davanum Srinivas : http://www.wso2.net (Oxygen for Web Service Developers) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
