Hi Arlindo, Thanks you very much for your help, I really appreciated it. I think I can make it works on my own now.
Cheers, Thawan PS. I have no problem understanding your English, because I am not a native speaker too :-) On Sun, Mar 16, 2008 at 11:28 PM, Arlindo Luis Marcon Junior <[EMAIL PROTECTED]> wrote: > Hi Thawan... > > Yes,,, you can import the Public Key with the keytool ( you need import > a certificate with the Public key that you need...)... > > You need change the name of the keystore,,, the passwords,, and the > alias... in the policy.xml file and in the PWCBHandler... > ( I dont remember now if is needed more changes... )... :-( > > [/'s] > jr > sorry my poor english,,, please... > > > > Thawan Kooburat escreveu: > > > > Hi, > > Thanks for your reply, > > > > > >> If you import the "Public key" of the server to inside your > >> client.jks,,, then,,, only the server ( in theory ) can decrypt the > >> message with the Server Private Key... > >> > > > > Can I achieve this with Java keytool? And do I need to modify > > policy.xml other than changing parameters in <ramp:RampartConfig> part > > ? > > > > Thanks, > > > > Thawan > > > > > > On Sat, Mar 15, 2008 at 11:35 PM, Arlindo Luis Marcon Junior > > <[EMAIL PROTECTED]> wrote: > > > >> Hi > >> > >> Thawan > >> > >> > >> anyone who intercept the package can decrypt and verify the signature of > >> the message,,, IF you used the "private" key of "client"... > >> In other words,,, if you sign and encrypt with the private key of the > >> "client",,, you ensure/assure the identity of the issuer,,, > >> non-repudiation of the issuer... > >> > >> If you import the "Public key" of the server to inside your > >> client.jks,,, then,,, only the server ( in theory ) can decrypt the > >> message with the Server Private Key... > >> > >> > >> [/'s] > >> jr > >> > >> Thawan Kooburat escreveu: > >> > >> > >> > >>> Hi, > >>> > >> > I have sucessfully deployed Rampart policy sample 3 with Axis2 > >> > and Rampart 1.3 > >> > I am not sure about how the security mechanism work in this sample. > >> > This is what I think: > >> > The client sign and encrypt its message using private key stored > >> > in client.jks. When a server receive the message, it decrypt and > >> > verify the message by using public key extracted from the message > >> > header. > >> > > >> > This means that anyone who intercept the package can decrypt the > message? > >> > > >> > Thanks, > >> > > >> > Thawan Kooburat > >> > > >> > Department of Computer Engineering > >> > Faculty of Engineering > >> > Chulalongkorn University > >> > Bangkok Thailand > >> > > >> > --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: [EMAIL PROTECTED] > >> > For additional commands, e-mail: [EMAIL PROTECTED] > >> > > >> > > >> > > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > > > > > > -- > Arlindo Luis Marcon Junior > E-mail: [EMAIL PROTECTED] > Internet Web Page: http://lattes.cnpq.br/6483462042489662 > ICQ: 138864173 > Curitiba - ParanĂ¡ - Brasil > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Thawan Kooburat Department of Computer Engineering Faculty of Engineering Chulalongkorn University Bangkok Thailand --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
