[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Java Crypto API questions



Today, CP's own Marianne Mueller was scheduled to give a talk at JavaOne on
the eagerly awaited (at least by this user) Java Crypto API. I could not
attend the conference, but downloaded the slides for the presentation
<http://java.sun.com/javaone/pres/Crypto.pdf>

Viewing the slides left me with some questions that I hope someone that
attended the talk might be able to answer:

o "Developers do not call into Security Packages directly."
It seems the developer calls java.security (presumably provided by Sun),
which then will call the Security Packages. Is this view correct?

o "Security Packages must be signed. Policy for signing is public and open."
I assume the packages must be signed by Sun. How much will it cost to have
a package signed? How do I obtain a copy of this "public and open" policy?

o "Exportable API. Exportable applications."
One code example shows performing a DES encryption. Another slide mentions
"Support for [...] RSA." This is exportable? What am I missing?

o Where can I get more info on "Jeeves", the Java HTTP Server?

TIA,


Disclaimer: My opinions are my own, not those of my employer.

-- Lucky Green <mailto:[email protected]>
   PGP encrypted mail preferred.