Thanks John, I see that the code you mention does use a TrustEngine to attempt to persist newly trusted certificates. But I wonder if there are any implementations of the TrustEngine service that are not read-only. The framework registers a built-in TrustEngine that is backed by the CA certs that are configured with the VM but this TrustEngine is read-only.
Tom From: John Arthorne <[email protected]> To: Equinox development mailing list <[email protected]>, Date: 01/02/2013 08:43 AM Subject: Re: [equinox-dev] TrustEngine and other security services Sent by: [email protected] p2 uses the TrustEngine to persist newly trusted certificates after prompting the user. See org.eclipse.equinox.internal.p2.engine.phases. CertificateChecker. http://git.eclipse.org/c/equinox/rt.equinox.p2.git/tree/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java John From: Thomas Watson <[email protected]> To: Equinox development mailing list <[email protected]>, Date: 01/02/2013 09:28 AM Subject: Re: [equinox-dev] TrustEngine and other security services Sent by: [email protected] The TrustEngine is largely used as an implementation detail behind the org.eclipse.osgi.signedcontent package. OSGi services published with using the org.eclipse.osgi.service.security.TrustEngine interface are used to determine the authenticity of a certificate chain used to sign content (jars, bundles etc.). I did not remember p2 using the TrustEngine directly, but perhaps it does for authenticating other types of certificates. Sorry, other than the javadoc published for the packages there is not a lot of documentation here. Tom Inactive hide details for Pascal Rapicault ---12/29/2012 03:51:46 AM---The p2 engine makes use of the TrustEngine, however I doPascal Rapicault ---12/29/2012 03:51:46 AM---The p2 engine makes use of the TrustEngine, however I don't remember the details of how it works. Yo From: Pascal Rapicault <[email protected]> To: Equinox development mailing list <[email protected]>, Date: 12/29/2012 03:51 AM Subject: Re: [equinox-dev] TrustEngine and other security services Sent by: [email protected] The p2 engine makes use of the TrustEngine, however I don't remember the details of how it works. You may also want to poke around at other parts of p2 as I just happen to remember about this ref in the engine, but there may be others. HTH Pascal On 2012-12-29, at 5:47 AM, Scott Lewis wrote: > Hello, > > Is there documentation on Equinox security services like org.eclipse.osgi.service.security.TrustEngine service...and implementation? I looked in the Equinox Security area [1], but didn't find a lot of service/API docs. Is/are there examples of using the TrustEngine service (s)? > > Thanks, > > Scott > > > > _______________________________________________ > equinox-dev mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/equinox-dev _______________________________________________ equinox-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/equinox-dev _______________________________________________ equinox-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/equinox-dev _______________________________________________ equinox-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/equinox-dev
<<inline: graycol.gif>>
_______________________________________________ equinox-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/equinox-dev
