On Mon, Nov 13, 2017 at 1:03 PM, Inthirakumaaran Tharmakulasingham < [email protected]> wrote:
> I think there is a signature verification problem when using bouncy castle > provider.You can find the details of the past problem in the link[1].(got > this problem 3 years ago) > > Alright, and there is a fix as well. So, this is not really an issue. :-) > I started the conversation with BC developers and they're not going to > implement token binding extension by them self in near future.The new > extension, they added on user request was a small one and they already > had implemented it but commented out for some reason.Details about that > extension are in this link[2].But they are okay with sending PR for token > binding implementation.If it is merged then we can reach java community > easily.More details about the conversation can be found at this link[3]. > Yes. Do keep them engaged, and send an early draft PR to BC community for reviewing. This is going good. :) Thanks, KasunG > > When I talked to BC providers they mentioned about an extension API which > can be used to add a new extension in the handshake.I did some digging into > that and it seems is possible to create a token binding extension and have > to put that into that API.Rest of the negotiations will be done by that > API.So currently I am in the process of developing an extension that could > fit into that API. > > Reference: > [1]Bouncy castle issue mail thread > <http://wso2-oxygen-tank.10903.n7.nabble.com/Error-bcprov-jdk15on-1-49-0-wso2v1-jar-has-unsigned-entries-org-bouncycastle-LICENSE-class-td103606.html> > [2]https://github.com/bcgit/bc-java/issues/234 > [3]https://github.com/bcgit/bc-java/issues/250 > > > > On Fri, Nov 10, 2017 at 8:34 AM, KasunG Gajasinghe <[email protected]> > wrote: > >> Hi Indra, >> >> Can you find out exactly what issues we faced before? I'm assuming it has >> something to do with jar signing. >> >> The work we are doing is not specific to wso2 but applies to entire Java >> community and bouncycastle users. So, our end goal should be get this >> merged into bouncycastle project. >> >> Please start a dialogue with BC developers asap. They are on GitHub now I >> suppose. >> >> Bouncycastle just added a new tls extension last month, and the community >> quite active. >> >> @Prabath, please share your thoughts. >> >> Thanks, >> KasunG >> >> On Thu, Nov 9, 2017 at 2:10 PM Inthirakumaaran Tharmakulasingham < >> [email protected]> wrote: >> >>> Hi, >>> I am trying to create a Token binding library for TLS layer.One option >>> for this to extend BCJSSE and write the implementations on top of it.But in >>> the past, there have been some issues in making changes in Bouncy >>> Castle.How can I proceed with this?OR any better way to write the library? >>> >>> Basically, our intention is to make a token binding library so that >>> anyone can create HTTP client which can support token binding.Thus we hope >>> to send a PR to BC after completing the implementation. >>> >>> >>> -- >>> Inthirakumaaran >>> Software Engineering - Intern | WSO2 >>> >>> Email: [email protected] >>> Mobile:0766598050 <076%20659%208050> >>> >>> -- >> >> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc. >> email: kasung AT spamfree wso2.com >> linked-in: http://lk.linkedin.com/in/gajasinghe >> blog: http://kasunbg.org >> phone: +1 650-745-4499 <(650)%20745-4499>, 77 678 0813 >> >> > > > > -- > Inthirakumaaran > Software Engineering - Intern | WSO2 > > Email: [email protected] > Mobile:0766598050 <076%20659%208050> > > -- *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc. email: kasung AT spamfree wso2.com linked-in: http://lk.linkedin.com/in/gajasinghe blog: http://kasunbg.org phone: +1 650-745-4499, 77 678 0813
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
