> Well, JuiCE seems to be dormant since about 1 1/2 year. The > homepage still says the mailing lists need to be created - thus > I'm sending this info to WSS4J and security-dev to get some > info and feedback to the proposals/ideas listed below.
The JuiCE idea came from some early work that was done by some developers on the Shibboleth (and OpenSAML) projects because early versions of xmlsec were extremely slow. At the time, something like JuiCE seemed like a worthwhile project and some people involved with WSS4J asked if we'd donate the project, so we did. Shortly after that, Raul (bless him) got involved with the xmlsec code and did a serious number on it that basically tripled the performance overnight. Needless to say, the impetus for JuiCE lost its, umm, juice. There's certainly no objection on our part to somebody reviving it if there's interest and effort there. I think one small issue left for JuiCE was to make it properly thread safe. > There is one missing link: to use JuiCE we need a certificate signed > by Sun (Sun acting as a certificate authority in this case). There > is (somewhere in the latest doc about JCE provider) > a description how to get such a certificate - I can check it > and provide the necessary info. This certificate must be used to > sign the JuiCE jar I think that's only required for certain things, but I don't really remember anymore. I know it was tested a bit by us without doing that. > Btw: I havn't checked it - but who has write access to the JuiCE > SVN repos? Or can grant write access to it? I don't know if it's SVN, actually. I know of some of the Shib folks that had write access, they can chime in, but I think we'd be happy to see others take the lead on it. -- Scott
