From: mrm@doppio (Marianne Mueller)
Message-Id: <199701201944.LAA11554@puffin.eng.sun.com>
Subject: Re: javakey -ic
To: Ulrich.Kriegel@isst.fhg.de (Ulrich Kriegel)
Date: Mon, 20 Jan 1997 11:44:26 -0800 (PST)
In-Reply-To: <199701200639.HAA23875@otter.fhg.de> from "Ulrich Kriegel" at Jan 20, 97 07:39:26 am
>
> Hi Marianne,
> thanks for your prompt reply. Can you already estimate, when the final
> version will be out? It would be fine if we could use it for our
> demonstration at the CeBIT fair.
I don't know if JavaSoft has announced a final date for JDK1.1 yet -
(I'm not sure if I'm supposed to announce dates!) but we are close,
and it should be within the month.
> May be, you could give me a hint to solve the following problem.
> Let's assume that I have sucessfully imported certificates of my
> friends in my private identitydb.obj-file which I manage with javakey.
>
> How can I access inside an application a public key contained in
> identitydb.obj to verify a certain information. I only found, that I
> could make a signature object and generate a new pair of keys.
>
It turns out that the bug is related to importing a certificate
if the identity is initialized as a signer. If you create the
identity *not* as a signer,then you can import and use the
certificate. For example,
1. In my private database, I create an identity,keys and certificate
for my ID, which is mrm. I have the certificate written to a file
named mrm.x509,by specifying this in the certificate directive file
out.file=mrm.x509
2. Then, in a separate database, I create an identity for mrm,
but I don't mark it as a signer:
javakey -c mrm false
3. Now I can import the cert
javakey -ic mrm /tmp/mrm.x509
(This assumes I copied the mrm.x509 file to my /tmp directory)
Does that help you accomplish your demo?~
What demo are you doing for CEBit,by the way? Sounds interesting!
Marianne
JavaSoft engineering,security