Re: JCE Code Signing Certificate

2005-10-28 Thread Mark Wielaard
Hi, On Wed, 2005-10-12 at 16:45 +0200, Florian Weimer wrote: > >> In the meantime, it occurred to me that the certified key (including > >> the private key) would have to be included in the source package, > >> otherwise the package would fail to build from source. > >> > >> While I see nothing i

Re: JCE Code Signing Certificate

2005-10-28 Thread Mark Wielaard
Hi, On Wed, 2005-10-12 at 09:51 +0200, Michael Koch wrote: > This is a big field which needs even bigger investigation. The free > runtimes can load them but signed jars are still not supported (or was > this fixed lately...). Your best action would be to just test it with > kaffe or gcj or whatev

Re: JCE Code Signing Certificate

2005-10-12 Thread Florian Weimer
* Charles Fry: >> In the meantime, it occurred to me that the certified key (including >> the private key) would have to be included in the source package, >> otherwise the package would fail to build from source. >> >> While I see nothing in Sun's form that requires us to keep the private >> key

Re: JCE Code Signing Certificate

2005-10-12 Thread Charles Fry
> > This is a big field which needs even bigger investigation. The free > > runtimes can load them but signed jars are still not supported (or was > > this fixed lately...). Your best action would be to just test it with > > kaffe or gcj or whatever and report any bugs you find. > > In the meantim

Re: JCE Code Signing Certificate

2005-10-12 Thread Florian Weimer
* Michael Koch: > This is a big field which needs even bigger investigation. The free > runtimes can load them but signed jars are still not supported (or was > this fixed lately...). Your best action would be to just test it with > kaffe or gcj or whatever and report any bugs you find. In the me

Re: JCE Code Signing Certificate

2005-10-12 Thread Michael Koch
On Tue, Oct 04, 2005 at 04:01:03PM -0400, Charles Fry wrote: > > > In order to be trusted, the security provider must be signed with a > > > key that was certified by the JCE Code Signing Certification > > > Authority (see Step 5 of the document above). > > > > So why can't we ship trusted root ce

Re: JCE Code Signing Certificate

2005-10-04 Thread Florian Weimer
* Charles Fry: > Well, I may not entirely understand your question, but here is my > understanding of the situation, as supported by the document How to > Implement a Provider for the Java™ Cryptography Extension[1]. Unfortunately, this document doesn't explain why the certificate is needed. >

Re: JCE Code Signing Certificate

2005-10-04 Thread Charles Fry
> > In order to be trusted, the security provider must be signed with a > > key that was certified by the JCE Code Signing Certification > > Authority (see Step 5 of the document above). > > So why can't we ship trusted root certificates for a Debian Code > Signing Certification Authority, or trus

Re: JCE Code Signing Certificate

2005-10-04 Thread Charles Fry
> > Can someone please comment on how we should proceed to obtain a JCE Code > > Signing Certificate for Debian? > > Why can't we just install a trusted certificate in our own packages? > > It's not clear to me who should own the private key corresponding to &

Re: JCE Code Signing Certificate

2005-10-04 Thread Florian Weimer
* Charles Fry: > I should also point out that this JCE Code Signing Certificate is > necessary not only to allow libbcprov-java to be used as a trusted > security provider, but also for me to package bcmail, bctsp, and bcpg > which are also part of Bouncy Castle. I can currently build

Re: JCE Code Signing Certificate

2005-10-04 Thread Charles Fry
I should also point out that this JCE Code Signing Certificate is necessary not only to allow libbcprov-java to be used as a trusted security provider, but also for me to package bcmail, bctsp, and bcpg which are also part of Bouncy Castle. I can currently build all of them, but the regression

JCE Code Signing Certificate

2005-09-30 Thread Charles Fry
Now that BouncyCastle[1] has been packaged for Debian[2], it is time for us to move forward with Arnaud's suggestion[3] that we obtain a JCE Code Signing Certificate[4] for Debian, in order to vouch for this and other JCE Security Providers that Debian may provide. The process is fairly str