Hi all,
Also around the topic of the moment, performance of SSL applications,
we are looking into other cipher algorithms and/or JCE providers. We started to
look into RC4 and Cryptix, but we found an issue with the deployment of
Java Web Start applications.
It looks like we wont be able to use Cryptix as the alternative JCE
provider because it requires both parties in the secure exchange to have
modified jurisdiction files in their java installation when a 3rd party
provider is installed. This can only be done by changing some policy jar
files in the ${JAVA_HOME}/lib/security area as the ones shipped with the
JRE are based on French (yep, that's not a misprint) Government laws.
This even applies to the JRE shipped in USA. So, to allow Cryptix to use
full un-hindered encryption we need to change these files out, which
would mean the client user having to download jar files and updating
his/her jre installation appropriately before logging in. This is a problem
in the sense that it complicates the client-side install, which we try to keep
as simple as possible.
So the questions are:
- Does anybody knows how to make a new JCE provider installation
"transparent" to a Java Web Start application?
- Is there any cipher other than DES in the original JCE provider that comes
with Sun's JDK that in your experience provides acceptable performance
with SSL?
Best regards,
Nascif
_______________________________________________ Juglist mailing list [EMAIL PROTECTED] http://trijug.org/mailman/listinfo/juglist_trijug.org
