Return-Path: 
 <derby-commits-return-7946-apmail-db-derby-commits-archive=db.apache.org@db.apache.org>
Delivered-To: apmail-db-derby-commits-archive@www.apache.org
Received: (qmail 70129 invoked from network); 5 Jul 2007 09:04:20 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 5 Jul 2007 09:04:20 -0000
Received: (qmail 12405 invoked by uid 500); 5 Jul 2007 09:04:22 -0000
Delivered-To: apmail-db-derby-commits-archive@db.apache.org
Received: (qmail 12384 invoked by uid 500); 5 Jul 2007 09:04:22 -0000
Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:derby-commits-help@db.apache.org>
list-unsubscribe: <mailto:derby-commits-unsubscribe@db.apache.org>
List-Post: <mailto:derby-commits@db.apache.org>
Reply-To: "Derby Development" <derby-dev@db.apache.org>
List-Id: <derby-commits.db.apache.org>
Delivered-To: mailing list derby-commits@db.apache.org
Received: (qmail 12373 invoked by uid 99); 5 Jul 2007 09:04:22 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Jul 2007 02:04:22 -0700
X-ASF-Spam-Status: No, hits=-99.5 required=10.0
	tests=ALL_TRUSTED,NO_REAL_NAME
X-Spam-Check-By: apache.org
Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Jul 2007 02:04:18 -0700
Received: by eris.apache.org (Postfix, from userid 65534)
	id B8F511A981D; Thu,  5 Jul 2007 02:03:58 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r553428 - in /db/derby/docs/trunk/src/adminguide:
 cadminapps811695.dita cadminappsclientsecurity.dita derbyadmin.ditamap
 tadminapps811695.dita
Date: Thu, 05 Jul 2007 09:03:58 -0000
To: derby-commits@db.apache.org
From: bernt@apache.org
X-Mailer: svnmailer-1.1.0
Message-Id: <20070705090358.B8F511A981D@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: bernt
Date: Thu Jul  5 02:03:57 2007
New Revision: 553428

URL: http://svn.apache.org/viewvc?view=rev&rev=553428
Log:
DERBY-2837 Update docs on STRONG_PASSWORD_SUBSTITUTE_SECURITY/ENCRYPTED_USER_AND_PASSWORD_SECURITY and JCE support

Added:
    db/derby/docs/trunk/src/adminguide/cadminapps811695.dita
      - copied, changed from r552430, db/derby/docs/trunk/src/adminguide/tadminapps811695.dita
Removed:
    db/derby/docs/trunk/src/adminguide/tadminapps811695.dita
Modified:
    db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita
    db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap

Copied: db/derby/docs/trunk/src/adminguide/cadminapps811695.dita (from r552430, db/derby/docs/trunk/src/adminguide/tadminapps811695.dita)
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminapps811695.dita?view=diff&rev=553428&p1=db/derby/docs/trunk/src/adminguide/tadminapps811695.dita&r1=552430&p2=db/derby/docs/trunk/src/adminguide/cadminapps811695.dita&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/tadminapps811695.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminapps811695.dita Thu Jul  5 02:03:57 2007
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE task PUBLIC "-//OASIS//DTD DITA Task//EN"
- "../dtd/task.dtd">
+<!DOCTYPE concept PUBLIC "-//OASIS//DTD DITA Concept//EN"
+ "../dtd/concept.dtd">
 <!-- 
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
@@ -17,7 +17,7 @@
 See the License for the specific language governing permissions and  
 limitations under the License.
 -->
-<task id="tadminapps811695" xml:lang="en-us">
+<concept id="cadminapps811695" xml:lang="en-us">
 <title>Enabling the encrypted user ID and password security mechanism</title>
 <prolog><metadata>
 <keywords><indexterm>Encrypted User ID and password<indexterm>using with Network
@@ -26,37 +26,23 @@
 <indexterm>ibmpkderby.jar</indexterm><indexterm>ibmpkcs11.jar</indexterm>
 </keywords>
 </metadata></prolog>
-<taskbody>
-<context> <p>To use the encrypted user ID and password security mechanism,
-you need IBM JCE (Java Cryptography Extension) 1.2.1 or later. You can use
-it with any version of IBM or Sun's <ph><tm tmclass="special" tmowner="Sun Microsystems, Inc."
+<conbody>
+<p>To use the encrypted user ID and password security mechanism,
+you need a Java environment whith an JCE (Java Cryptography Extension)
+which supports the Diffie-Hellman algorithm with a public prime of
+256 bits. Sun's <ph><tm tmclass="special" tmowner="Sun Microsystems, Inc."
 tmtype="tm" trademark="Java">Java</tm> 2 Platform, Standard Edition, Version
-1.2 (J2SE)</ph>.</p><p>IBM Developer Kit for the Java Platform 1.4 or later
-comes with IBM JCE, so you do not need to install IBM JCE separately. If you
-have an earlier version of IBM Developer Kit for the Java Platform or other
-Software Development Kits, complete the following steps:</p></context>
-<steps>
-<step><cmd>Copy the following IBM JCE jar files to the jre/lib/ext directory
-of the IBM SDK's installation home:</cmd><info><ul>
-<li>ibmjceprovider.jar</li>
-<li>ibmjcefw.jar</li>
-<li>ibmpkderby.jar</li>
-<li>ibmpkcs11.jar</li>
-</ul></info></step>
-<step><cmd>Modify the java.security file in the jre/lib/security directory.
-In the section that lists providers (and preference order), replace the text
-with:</cmd><info><codeblock>security.provider.1=sun.security.provider.Sun
-security.provider.2=com.ibm.crypto.provider.IBMJCE</codeblock><p><note>If
-you are installing the IBM JCE on a Sun Java Development Kit, you must specify
-both of these lines in the order shown.</note></p></info></step>
-<step><cmd>To use the encrypted user id and password security mechanism during
+1.4 (J2SE)</ph> and later requires a public prime of 512 bits or
+more. An alternative mechanism if the 256 bit public prime is not
+supported, is <i>STRONG_PASSWORD_SUBSTITUTE_SECURITY</i>.
+</p>
+<p>To use the encrypted user id and password security mechanism during
 JDBC connection using the network client, specify the <codeph>securityMechanism</codeph> in
-the connection property. </cmd><info>If an encrypted database is booted in
+the connection property. <note>If an encrypted database is booted in
 the Network Server, users can connect to the database without giving the <codeph>bootPassword</codeph>.
 The first connection to the database must provide the <codeph>bootPassword</codeph>,
 but all subsequent connections do not need to supply it. To remove access
 from the encrypted database, use the <codeph>shutdown=true</codeph> option
-to shut down the database.</info></step>
-</steps>
-</taskbody>
-</task>
+to shut down the database.</note></p>
+</conbody>
+</concept>

Modified: db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita?view=diff&rev=553428&r1=553427&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita (original)
+++ db/derby/docs/trunk/src/adminguide/cadminappsclientsecurity.dita Thu Jul  5 02:03:57 2007
@@ -73,7 +73,7 @@
 <entry colname="col2">ClientDataSource.ENCRYPTED_USER_AND_PASSWORD_SECURITY
 (0x09)</entry>
 <entry colname="col3">Encryption requires a JCE implementation that supports
-the Diffie-Helman algorithm with a prime of 32 bytes.</entry>
+the Diffie-Hellman algorithm with a public prime of 256 bits.</entry>
 </row>
 </tbody>
 </tgroup>

Modified: db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap
URL: http://svn.apache.org/viewvc/db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap?view=diff&rev=553428&r1=553427&r2=553428
==============================================================================
--- db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap (original)
+++ db/derby/docs/trunk/src/adminguide/derbyadmin.ditamap Thu Jul  5 02:03:57 2007
@@ -135,7 +135,7 @@
 </topicref>
 <topicref href="cadminapps811656.dita" navtitle="Network Server user authentication when user authentication is off
 in Derby"></topicref>
-<topicref href="tadminapps811695.dita" navtitle="Enabling the encrypted user ID and password security mechanism">
+<topicref href="cadminapps811695.dita" navtitle="Enabling the encrypted user ID and password security mechanism">
 </topicref>
 </topicref>
 <topicref href="cadminappsjdbcdiffs.dita" navtitle="Differences in JDBC 3.0 methods">