Vincent Ryan wrote:
Hello Mike,
This functionality is being planned for the JDK7 release. The existing
java.security.cert.CertificateFactory class can easily be enhanced with
several new methods:
o to create a certificate signing request
o to parse a certificate signing request
o to issue a new certificate
The features will be limited. There are no plans to define an API to
support a full CA.
I believe that the minimum required PKI extensions are for the API to
match the functionality offered by the command line 'keytool'. There are
too many projects which must currently include BouncyCastle (which is
nonetheless great and useful) only for the purposes of replicating
keytool functionality.
Are the proposed API changes for JDK7 published anywhere?
Mike
Mike Duigou wrote:
Hello!
Where can I find a published description of the enhancements and
extensions planned for JCE/JSSE in JDK 7?
To jump right to the point of my question: I'll be specifically looking
for extensions to allow all of the keytool functionality to be accessed
through public APIs. This is specifically PKCS#1 certificate generation
and PKCS#10 certificate signing requests. Neither of these are currently
available in the JDK 6 API but are available through keytool.
Mike
begin:vcard
fn:Mike Duigou
n:Duigou;Mike
org:Sun Microsystems Inc.;Software CSG CTO, Advanced Development
adr:;;4120 Network Circle;Santa Clara;CA;95054;USA
email;internet:[EMAIL PROTECTED]
title:Senior Staff Engineer
tel;work:+1 (510) 550-6813 x69537
tel;cell:+1 (510) 918-5720
x-mozilla-html:FALSE
url:http://blogs.sun.com/bondolo/
version:2.1
end:vcard
