Re: JCE Keystore Bug ???

Jan Luehe (luehe@laguna.eng.sun.com)
Tue, 2 Feb 1999 14:36:58 -0800 (PST)

Date: Tue, 2 Feb 1999 14:36:58 -0800 (PST)
From: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: JCE Keystore Bug ???
To: puga@tis.com

Ralph:

> I have several questions regarding your answer.
>
> 1) If you are adding support for storing session keys in the JCE keystore in
> an upcoming JCE 1.2 FCS release, what if any difference is there between the
> JKS and the JCEKS implementations ?

The implementation of the protection algorithm for
sensitive key information differs between JKS and JCEKS.

JCEKS provides a much stronger protection algorithm,
based on triple DES.

We did not put any strong crypto into the JDK,
in order to avoid any export issues.

> 2) When is the next JCE 1.2 FCS with the secret (session) key support due to
> be released ?

Hopefully within this month.

Jan