Hi,
For some time I had been developing the X.509 certificate code in
Classpath (gnu.java.security.x509) in Jessie, and then moved the code
to GNU Crypto. Since then I've improved the code a great deal over the
original version, which is fairly limited and buggy [1]. The version
in GNU Crypto CVS has:
- A much more complete and robust X.509 parser.
- A better, more easily extensible framework.
- An implementation of the certificate path-checking algorithm
described in RFC 3280.
- A large test suite based on NIST's PKITS test suite.
I would like to merge this code back into Classpath, and to maintain
it there. This is desirable, because features of the standard library
(like signed Jar files) depend on having a full X.509 implementation.
It would also be nice to move the PKITS test suite into Mauve (it is
already written to use Mauve's base classes).
Ideally, I think moving everything into Classpath (including GNU
Crypto's algorithms and Jessie's SSL implementation) would be nice,
since then we'd have everything the JDK has, APIs and
implementations. But for now I think the PKI code should go back in.
Comments?
--
Casey Marshall || [EMAIL PROTECTED]
1. https://savannah.gnu.org/bugs/?func=detailitem&item_id=9947
_______________________________________________
Classpath mailing list
[EMAIL PROTECTED]
http://lists.gnu.org/mailman/listinfo/classpath
