[jboss-dev-forums] [Design of JBoss Web Services] - Re: What do we need in terms of x509 cert processing for ws
jason.greene@jboss.com
do-not-reply at jboss.com
Mon Oct 23 15:42:53 EDT 2006
"scott.stark at jboss.org" wrote : "jason.greene at jboss.com" wrote :
| | 1. Ability to generate a v3 cert, bouncy castle does support this. Right now I tell people to use openssl.
| |
| We should just look at whether bouncy castle/ejbca can be leveraged to get a sufficient cert generation capability into our codebase.
|
Agreed, I know we have some advanced long term goals, but I think just getting a basic tool in to begin with is important. Even if self-signing is all thats supported thats something.
"scott.stark at jboss.org" wrote :
| \Access to any raw attribute seems to exist. What is not generally available is a mechanism to control how to decode a given attribute. I would assume this is going to require ASN/DER classes (should exist in bc or even opends), along with a OID to format handler registry. The latter is core to ldap and so maybe we can leverage the opends schema handling pieces as a way to externalize the cert attribute handling as well.
|
Yes bc does have ASN/DER decoding:
http://www.bouncycastle.org/docs/docs1.5/org/bouncycastle/asn1/package-summary.html
If work starts in either of these areas I can try and get some time to work on this if needed.
-Jason
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980162#3980162
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980162
More information about the jboss-dev-forums
mailing list