directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Enrique Rodriguez <erodrig...@apache.org>
Subject Re: Do we want to jump to JDK 1.5
Date Tue, 08 Mar 2005 18:31:37 GMT
Alex Karasulu wrote:
> David Boreham wrote:
> 
>>> IMO, a big risk to adoption. Is it really not possible to do the SSL 
>>> in 1.4?
>>
>> Yeah, I'd like to learn more about the problem with SSL in 1.4 myself.
>>
>> Requiring Java 5 seems a little painful right now : I don't have any
>> clients that are able to use it.
> 
> Very reasonable points.
> Dave could you look and see if we can back port the SSL filter so it 
> works on 1.4?
> If we can make it work on 1.4 then it is the most comfortable to stay on 
> 1.4.  However if I have to choose between having SSL and not ... I'd 
> move to 1.5 to have it.

1.5 also has built-in support for SASL, which I would use to add 
Kerberos support to the LDAP wire protocol.

I'm also looking forward to the built-in Triple DES encryption types, 
though I am currently getting them from BouncyCastle.  I could drop the 
BC requirement with 1.5, though, admittedly, that's a weak "nice to 
have."  There are some other JAAS enhancements that would help SSO:

http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/jgss-tiger.html

That "Top Ten" list Alex sent yesterday means we'll be at this for a 
while ... realistically, what enterprise is going to make a major move 
to ApacheDS any time soon?

I am personally for 1.5 but will defer in a second if we actually have 
customers.

-enrique


> 
> Alex

Mime
View raw message