Wan-Teh Chang wrote: > Steven T. Hatton wrote: > >> I'm curious about the relationship between JSSE and JSS. Some of the >> questions I have are the following: >> >> Can I use JSS as a cryptographic "provider" for JSSE? > > > > You will be able to do that in a future JSS release. Turning > JSS into a JSSE provider is one of the goals for JSS next year.
From my perspective that is *very* important. I would rather not write code that doesn't comply with JSSE. I will probably be forced to write my code using JSSE. When the JSS provider capability is finished then I can easily switch out providers, and there should be no problem. > See the draft of the JSS plan at > http://www.mozilla.org/projects/security/pki/jss/planning/jssplan_20011119.html. > > > >> What are the advantages and dissadvantages of each package? > > > > One advantage of JSS is that it calls into the NSS native C > code. Some would consider that a disadvantage, I guess :-) When I consider the big picture, that seems like a big advantage. If I understand correctly, I could then use the same set of libraries for both C and Java. I'm not sure if that means I'll be able to write code that shares (for reading purposes) the same certificate/key dbs with netscape's servers. I don't know if there is a performance advantage to be gained by using 'native' C code, that is, after the Java gets loaded. That's beyond my realm of expertise. I will say that ease of installation is important. A java programmer doesn't want to get too deep into setting up a C build system to get started writing Java code. I have the sense that the installation is easy. The hard part is knowing if it's right. When you're just getting started with something as complex as working with certificate stores, trusts, ssl connections, encryption cyphers, messages hashes, etc, you don't want to start out with the feeling that the foundation upon which you are building might not be properly laid. I know I've taked about it before, so I won't mention sample corde which can be used to test the installation. {;-)> > Wan-Teh > Steven
