Return-Path: Delivered-To: apmail-incubator-harmony-dev-archive@www.apache.org Received: (qmail 55271 invoked from network); 19 Jul 2006 12:48:23 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 19 Jul 2006 12:48:23 -0000 Received: (qmail 97869 invoked by uid 500); 19 Jul 2006 12:48:20 -0000 Delivered-To: apmail-incubator-harmony-dev-archive@incubator.apache.org Received: (qmail 97834 invoked by uid 500); 19 Jul 2006 12:48:19 -0000 Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: harmony-dev@incubator.apache.org Delivered-To: mailing list harmony-dev@incubator.apache.org Received: (qmail 97823 invoked by uid 99); 19 Jul 2006 12:48:19 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Jul 2006 05:48:19 -0700 X-ASF-Spam-Status: No, hits=3.1 required=10.0 tests=DNS_FROM_RFC_ABUSE,RCVD_IN_SORBS_WEB,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (asf.osuosl.org: 82.138.226.220 is neither permitted nor denied by domain of t.p.ellison@gmail.com) Received: from [82.138.226.220] (HELO dublin.purplecloud.com) (82.138.226.220) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 19 Jul 2006 05:48:18 -0700 Received: (qmail 27873 invoked from network); 19 Jul 2006 13:47:57 +0100 Received: from blueice2n1.de.ibm.com (HELO ?9.20.183.161?) (195.212.29.171) by smtp-dublin.purplecloud.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 19 Jul 2006 13:47:57 +0100 Message-ID: <44BE29F9.8090900@gmail.com> Date: Wed, 19 Jul 2006 13:47:53 +0100 From: Tim Ellison User-Agent: Thunderbird 1.5.0.4 (Windows/20060516) MIME-Version: 1.0 To: harmony-dev@incubator.apache.org Subject: Re: [classlib] choose one [x-net] || [security] for HARMONY-536 (JSSE provider) References: <44BD30C0.4040700@pobox.com> <44BD5763.1050902@gmail.com> <44BD5C71.20904@pobox.com> <44BE0415.7010905@googlemail.com> <44BE231B.1000000@pobox.com> In-Reply-To: <44BE231B.1000000@pobox.com> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Geir Magnusson Jr wrote: > > George Harley wrote: > >> I think you are right. The kind of information we would want to have in >> a Harmony cacerts file is available from CA web sites (e.g. Verisign and >> Thawte). Inclusion of Thawte root certs requires accepting their license >> which is available on the repository access page [1]. It seems pretty >> harmless (famous last words). >> >> I guess that in order to build our own Harmony cacerts file we would >> need to retrieve the root certs information from each CA in turn being >> careful to check out the terms of any associated licenses. > > Yep. I'm looking at the license now. It seems harmless, but there seem > to be small issues to figure out, such as if I (geir) accept the > license, how can the cert be included in an ASF product following the > letter of the law... I'll take this as a problem to solve... Looking at the list of CAs in my copy of Sun 5.0 I see the list given below (my grouping). Clearly we would like to have all these to redistribute, but we may need to track them down from the original sources to avoid any usage gotchas. It would be useful, when people find the right links if we can gather them together in one place. Regards, Tim ======================================================================= baltimorecodesigningca, 10-May-2002, trustedCertEntry, baltimorecybertrustca, 10-May-2002, trustedCertEntry, entrust2048ca, 09-Jan-2003, trustedCertEntry, entrustclientca, 09-Jan-2003, trustedCertEntry, entrustglobalclientca, 09-Jan-2003, trustedCertEntry, entrustgsslca, 09-Jan-2003, trustedCertEntry, entrustsslca, 09-Jan-2003, trustedCertEntry, equifaxsecureca, 18-Jul-2003, trustedCertEntry, equifaxsecureebusinessca1, 18-Jul-2003, trustedCertEntry, equifaxsecureebusinessca2, 18-Jul-2003, trustedCertEntry, equifaxsecureglobalebusinessca1, 18-Jul-2003, trustedCertEntry, geotrustglobalca, 18-Jul-2003, trustedCertEntry, godaddyclass2ca, 11-Jan-2005, trustedCertEntry, gtecybertrust5ca, 10-May-2002, trustedCertEntry, gtecybertrustca, 10-May-2002, trustedCertEntry, gtecybertrustglobalca, 10-May-2002, trustedCertEntry, starfieldclass2ca, 11-Jan-2005, trustedCertEntry, thawtepersonalbasicca, 12-Feb-1999, trustedCertEntry, thawtepersonalfreemailca, 12-Feb-1999, trustedCertEntry, thawtepersonalpremiumca, 12-Feb-1999, trustedCertEntry, thawtepremiumserverca, 12-Feb-1999, trustedCertEntry, thawteserverca, 12-Feb-1999, trustedCertEntry, valicertclass2ca, 11-Jan-2005, trustedCertEntry, verisignclass1ca, 25-Mar-2004, trustedCertEntry, verisignclass1g2ca, 25-Mar-2004, trustedCertEntry, verisignclass1g3ca, 25-Mar-2004, trustedCertEntry, verisignclass2ca, 27-Oct-2003, trustedCertEntry, verisignclass2g2ca, 25-Mar-2004, trustedCertEntry, verisignclass2g3ca, 25-Mar-2004, trustedCertEntry, verisignclass3ca, 27-Oct-2003, trustedCertEntry, verisignclass3g2ca, 25-Mar-2004, trustedCertEntry, verisignclass3g3ca, 25-Mar-2004, trustedCertEntry, verisignserverca, 29-Jun-1998, trustedCertEntry, ======================================================================= -- Tim Ellison (t.p.ellison@gmail.com) IBM Java technology centre, UK. --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org For additional commands, e-mail: harmony-dev-help@incubator.apache.org