harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zakharov, Vasily M" <vasily.m.zakha...@intel.com>
Subject RE: [security] Which KeyStore to choose?
Date Thu, 17 Jan 2008 13:27:33 GMT

I'm going to specify a default to use by Geronimo when it's running on

PKCS12 [1] is RSA Labs keystore format. It has the advantage that it is
by both RI and BouncyCastle, but it's not Java-specific, and is
supported also by
Internet Explorer and other applications.

Do I understand you correctly that as Harmony uses BC that has BKS as
default keystore,
so the BKS is the best default choice, right?


[1] http://en.wikipedia.org/wiki/PKCS12

-----Original Message-----
From: Mikhail Loenko [mailto:mloenko@gmail.com] 
Sent: Wednesday, January 16, 2008 9:43 PM
To: dev@harmony.apache.org
Subject: Re: [security] Which KeyStore to choose?

are you talking about ability to specify for Harmony or for Geronimo?

Default for any JRE is specified in the .java.security configuration
file. BKS is something from BC provider by definition. What is PKCS12?

2008/1/17, Zakharov, Vasily M <vasily.m.zakharov@intel.com>:
> I fully agree with that, but besides, we should propose some choice to
> use by default.
> That's what I'm asking for.
> Vasily
> -----Original Message-----
> From: Alexey Petrenko [mailto:alexey.a.petrenko@gmail.com]
> Sent: Wednesday, January 16, 2008 9:14 PM
> To: dev@harmony.apache.org
> Subject: Re: [security] Which KeyStore to choose?
> I think that the best options is possibility to choose :)
> SY, Alexey
> 2008/1/16, Zakharov, Vasily M <vasily.m.zakharov@intel.com>:
> > Hi, security gurus, what would be you suggestion on which would be
> > best default keystore type to use in applications like Geronimo?
> >
> > I'm now trying to enable Geronimo 2.0.2 on Harmony, and it requires
> > proper keystore to operate. By default, it uses JKS which Harmony
> > doesn't support, and I'm going to propose changing that to something
> > else. Previously there were talks on using PKCS12, but for now
> > keystore type for Harmony is BKS, so I wonder, which would make the
> best
> > default.
> >
> > Thank you!
> >
> > Vasily Zakharov
> > Intel ESSD
> >
> >
> >
> > ---
> >
Closed Joint Stock Company Intel A/O
Registered legal address: 125252, Moscow, Russian Federation, 
Chapayevsky Per, 14.

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.

View raw message