hello Tom, On Friday 09 June 2006 09:16, Tom Tromey wrote: > >>>>> "Mark" == Mark Wielaard <[EMAIL PROTECTED]> writes: > > Mark> I CCed the devjam list on which a couple of different > distribution Mark> packagers are subscribed. Devjam people, Raif > added support for Mark> importing trusted ca-certs to GNU Classpath > so our tls/ssl Mark> implementation for example can just reuse the > ca-certs that are already Mark> packaged for an distribution (for > example those used by Mozilla). > > I know zilch about this area, so forgive me if my questions are > naive. > > Why read these files and transform them into something we can > distribute?
to offer similar capabilities as the RI's version of the keytool. > Why not read them dynamically, as needed? That way if a > new cert is installed, a newly run VM will pick it up automatically. there are cases where this is not possible or desired: * there is no such location on the machine with a Classpath + VM. * these certificates are in more than one directory, with no direct parent. * the directory/directories containing these certificates exist but may not be available or accessible to the keytool user. * the same version of Classpath + VM, installed on different machines may end up with different cacerts file. cheers; rsn
pgp6UImcgkh9S.pgp
Description: PGP signature
