geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kresten Krab Thorup <>
Subject Re: IDEA block cipher inclusion via the "bouncy castle" JCE provider
Date Mon, 19 Sep 2005 08:27:11 GMT
On Aug 31, 2005, at 2:26 AM, Dain Sundstrom wrote:

>> Good idea.  Alternatively for our use, it looks like the directory  
>> project has its own asn1 implementation.  IIUC that is all we use  
>> in the openejb corba code.  Can we sidestep this problem by using  
>> the directory's asn1 implementation?
> Kresten, does the proposed Trifork ORB donation include the asn1  
> code necessary for CORBA security?

Our CSI interceptor can certainly be included in the donation.  It  
includes some hand-written code for some of the ASN.1 encodings, like  

For ITTDistinguishedName, we use to decode the ASN.1 name.   
(this should be in any 1.4+ JDK).

I cannot say for sure if this is all that will be needed in the  
future, but we can take it from here.  I.e. we might also need code  
to ASN.1 encode/decode x509 certificate chains.  I could not  
immediately find somewhere in our code where we handle that beyond  
SSL-level management.

If someone is actually working on this stuff, I can send them the  
files that make up the CSI interceptor.


View raw message