axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Davanum Srinivas" <>
Subject Re: Requirement of bouncycastle on Java 1.5
Date Mon, 10 Jul 2006 18:59:53 GMT
Can you please drop an email to wss4j-dev (specifically addressed to
werner?). Also please look at juice code base


On 7/10/06, Vivek Lakshmanan <> wrote:
> Davanum Srinivas wrote:
> > how about this for a start?
> >
> >
> Thanks for the link and sorry for the delayed response. Couple of quick
> questions though:
> 1) Since that message is a bit dated, is it possible to get an update on
> this? Since support for RSA-OAEP, and a lot of the signature algorithms
> has been integrated in JDK 1.5, it seems the only reasons to require any
> external JCE provider at all would be to support a larger range of
> key-sizes for symmetric encryption not provided by the JDK. Is this
> deduction accurate?
> 2) In addition, there are some inconsistencies in the behaviour of
> Bouncycastle and other crypto providers (including the JDK) which seem
> to make the Axis/wss4j code (somewhat accidentally) dependent on
> Bouncycastle. From my inspection, these are minor things like algorithm
> transformations/names etc. Are there any deeper issues I have missed in
> my assessment?
> If the stumbling blocks are limited to what I mentioned above, then it
> probably wont require a lot of effort to make Axis more crypto-provider
> agnostic.
> Thanks,
> Vivek

Davanum Srinivas : (Oxygen for Web Service Developers)

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message