Robert Relyea wrote: > Arshad Noor wrote: >> What would be ideal is for JSS to evolve into becoming >> just another pluggable JCE Provider and hide the access >> to the consolidated Fedora crypto keystore/library >> behind that interface. You will then be doing two >> communities a great service. >> > IIRC, JSS is a JCE provider, as well as providing an API. One of the > problems we have with JSS open source is the difficulty allowing the > community to build and load that functionality, because you need a > certificate provided by Sun to do so... so ironically JSS as a JCE > provider can work in fedora with gcj, but not with the Sun jvm. (Of > cource the Red Hat RHEL version is so signed, so can be used as a > provider in all JVMs. > > Steve/Glenn have I represented things correctly here? > > bob
I think so. One more thing is that the IBM JRE is in the same boat as the Sun JRE, in that it also requires them to be signed. Here's an example of using JSS via the JCE/JCA api to sign something: http://lxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/JCASigTest.java Steve _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
