currently the MD5 stuff is implemented using JAVA-stuff only. Which means, that there is no way to use this on the server, only the client itself can generate the Hash.
Following the discussion on the repository list, I guess this is not the kind of thing we would like to have. Therefore I am going to implement something more configurable. First of all this means, that you are able then to use
1) any provider for the JAVA Security stuff (not only the default one, which is implemented right now per default). This does not mean a lot of work since all of the methods I have implemented can be used with different providers
2) also I am going to enable a kind of "external" Hash-Program, like md5sum. My problem with this right now is, that I have access to quite a lot linux boxes (including my own home-server) but not any BSD system. So I believe someon has to test this stuff later on a BSD system, which seems to be the preferred OS of Apache.org (hope, I did not misunderstood the mails concerning this). This Implementation will be fully configurable, so that you can use whatever program suits your needs.
3) I will then add a new feature to generate Signatures (which, like stated on the repository list will be only possible on the client, since the private keys are not stored on any Apache.org machine). This will be also separated into two different implementations (one using pure JAVA and the other one using external programs).
--> IMHO this is not a high priority of ruper, since I believe that first we have to get ruper up and flying to get more users as well as developers.
Mark, since you seem to be a very knowledgable guy on this stuff, I have included you on this topic and would really like to discuss this stuff en detail with you.
R,
Markus
