RE: SSL Implementation

David Brownell (David.Brownell@Eng)
Tue, 10 Mar 1998 10:42:37 -0800

Date: Tue, 10 Mar 1998 10:42:37 -0800
From: David.Brownell@Eng (David Brownell)
Message-Id: <199803101842.KAA14459@argon.eng.sun.com>
To: JGindin@walldata.com, java-security@web2.javasoft.com
Subject: RE: SSL Implementation

I'll see what I can find out about those procedures.
I hope I don't find that the marketing folk decided
not to license this software any more!

There's basic certificate management in the product,
building on the JDK 1.1 X509v1 support. Basically,
you can manage a list of CAs trusted to use with SSL
authentication, create self-signed DSS and RSA certs,
issue CSRs and import responses from CAs. Private
keys are stored in encrypted form, and there's basic
"login" functionality.

- Dave

> From JGindin@walldata.com Mon Mar 9 13:56:06 1998
> From: JGindin@walldata.com
> To: David.Brownell@Eng, JGindin@walldata.com, java-security@web2.javasoft.com
> Subject: RE: SSL Implementation
> Date: Mon, 9 Mar 1998 10:58:06 -0800
>
> What are the procedures for getting an evaluation of the product? What
> support is there for certificate management, if any, in the product?
>
> Thanks,
>
> jay
>
> -----Original Message-----
> From: David.Brownell@Eng.Sun.COM [mailto:David.Brownell@Eng.Sun.COM]
> Sent: Thursday, February 26, 1998 8:58 AM
> To: JGindin@walldata.com; java-security@web2.javasoft.com
> Subject: Re: SSL Implementation
>
>
> > When will the javax.net.ssl packages be released?
>
> Sun's implementation has been bundled with several products already,
> and some other licensees are similarly releasing products with it.
> I understand you can license the implementation as source code right
> now if you want.
>
>
> > Also, there doesn't appear to be a mechanism for _setting_ the default
> > SocketFactory. How will this be accomplished?
>
> Sun will have at least one version that supports setting the class which
> the javax.net.SocketFactory.getDefault method returns, using a system
> property. For example, that way one can arrange that the sockets returned
> use the site's preferred scheme for firewall tunneling (perhaps SOCKS V5,
> perhaps something else) when direct connections fail. Of course, such
> firewall tunneling logic can be 100% Pure Java.
>
> - Dave
>