commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henri Yandell" <flame...@gmail.com>
Subject Re: commons-ssl-0.3.4 alpha released
Date Wed, 29 Nov 2006 23:03:34 GMT
Hi Julius,

What's the status with regards to this bit on the website:

"Commons-SSL was originally developed by Credit Union Central of
British Columbia. It was donated to the Apache Software Foundation in
August 2006 and is now slowly starting the Apache
Incubation Policy."

In terms of the CLA - it doesn't look like you're an Apache committer
yet. Was there a particular project you were joining when you sent the
CLA?

In terms of the CCLA - have you requested a signed copy? I don't think
they're sent by default. However I don't see a CCLA on record for
CUBC.

I've no problem with this ending up in Commons someday - but so far
this seems like something for which the subject should be more about
Jakarta sponsoring in the Incubator, than starting in Commons-Sandbox.
[I did the latter for CSV, and I think with hindsight it would have
been better to go through the Incubator].

Hen

On 11/29/06, Julius Davies <juliusdavies@gmail.com> wrote:
> Hi,
>
> I'm writing to announce the alpha release of commons-ssl-0.3.4.  I'm
> writing to "commons-dev@jakarta.apache.org" because I think
> commons-sandbox would be a great home for this library.  The library
> itself is derived from some HttpClient code originally written by Oleg
> Kalnichevski.
>
> http://juliusdavies.ca/commons-ssl/
>
>
> Here are a few features of note:
>
> 1.  This library gives you the ability to read OpenSSL style private
> keys using only pure Java.  It even works with Java 1.3.  I tried to
> encrypt the same RSA private keys in as many ways as possible (106 so
> far!) with OpenSSL to test this:
>
> http://juliusdavies.ca/commons-ssl/samples/rsa_result.html
>
> 2.  The library automatically does CRL checking.  (We hope to add
> support for OCSP soon!).
>
> 3.  All options can be toggled on a per-socket-factory basis.  So for
> one SSLSocketFactory you might have setCheckHostname( false ), and on
> another you might have setCheckExpiry( false ) if you like.
>
> 4.  Can be dropped into any project easily because we extend
> SSLSocketFactory and SSLServerSocketFactory.  For example, to use as
> an "ldaps://" client you just define your own extremely basic
> sub-class:
>
> =============================
> package my.special.package;
> public class LDAPSocketFactory extends SSLClient {
>
>   public static SocketFactory getDefault() { return instance; }
>
>   private final static LDAPSocket instance;
>   static {
>     try { instance = new LDAPSocket(); }
>     catch ( Exception e ) { throw new RuntimeException( e ); }
>   }
>
>   private LDAPSocket() throws GeneralSecurityException, IOException {
>     TrustMaterial tm = new TrustMaterial( "/path/to/corporate/ldap.pem" );
>     setTrustMaterial( tm ); // We ONLY trust our "ldap.pem".  cacerts ignored!
>
>     KeyMaterial km = new KeyMaterial( "/path/to/pkcs12.der",
> "secret".toCharArray() );
>     setKeyMaterial( km ); // Maybe our "ldaps://" requires client certs?
>   }
> }
> =============================
>
> And then tell Java to use it like so:
>
> env.put( "java.naming.ldap.factory.socket",
> "my.special.package.LDAPSocketFactory" );
>
> Java looks for the static getDefault() method when you provide a
> SocketFactory like that to the LDAP stuff.
>
>
> I already have a personal CLA on file with Apache.  I'm not sure
> what's up with the Corporate CLA / Software Grant my employer (Credit
> Union Central of British Columbia) sent in August.  Last time I
> checked, CUCBC has yet to recieve a signed copy for their own records.
>
> --
> yours,
>
> Julius Davies
> 416-652-0183
> http://juliusdavies.ca/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-dev-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message