Re: SSL in JDK?

Marianne Mueller (mrm@Eng)
Tue, 27 May 1997 19:09:56 -0700

Date: Tue, 27 May 1997 19:09:56 -0700
Message-Id: <199705280209.TAA12532@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: shelina@dstc.qut.edu.au
Subject: Re: SSL in JDK?

> Hello, i was not sure if this question concerns net or security, but i
> think it probably concerns both. I am wondering if there is any plans for
> extending the security/net APIs to support SSL? It seems that with the new
> secure features in JDK 1.1, SSL support would just be another step on - is
> there anything in the pipe line for this? When? Where can i read about it?
> If not, any reason why not?

Hi Shelina,

We're working on the business/packaging issues for SSL, which is coded
in Java. We added you to the ssl-announcement mailing list, and when
we have an SSL announcement, a message will be sent to that mailing
list.

Meantime, please check out the Jeeves site and check out the Java Web
Server, which does have SSL implemented. The Java Web Server is
(almost) 100% pure Java - it ships some crypto code that is in C, but
other than that, it's all Java.

http://jeeves.javasoft.com

HotJava also has SSL in Java:

http://java.sun.com/products/HotJava

As for SSL APIs, we have a tricky problem, since SSL APIs count as
cryptographic APIs and we are barred from exporting those outside the
US (regardless of the strength of the encryption in the APIs, we can't
export crypto APIs.)

See also these URLs for more info on Java security

http://java.sun.com/security
http://java.sun.com/sfaq
http://jeeves.javasoft.com/hypermail/java-security-archive/index.html

Thanks,
Marianne