Return-Path: 
 <general-return-18133-apmail-incubator-general-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-general-archive@www.apache.org
Received: (qmail 99022 invoked from network); 8 May 2008 20:09:33 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 8 May 2008 20:09:33 -0000
Received: (qmail 35784 invoked by uid 500); 8 May 2008 20:09:33 -0000
Delivered-To: apmail-incubator-general-archive@incubator.apache.org
Received: (qmail 35664 invoked by uid 500); 8 May 2008 20:09:33 -0000
Mailing-List: contact general-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:general-help@incubator.apache.org>
List-Unsubscribe: <mailto:general-unsubscribe@incubator.apache.org>
List-Post: <mailto:general@incubator.apache.org>
List-Id: <general.incubator.apache.org>
Reply-To: general@incubator.apache.org
Delivered-To: mailing list general@incubator.apache.org
Delivered-To: moderator for general@incubator.apache.org
Received: (qmail 63993 invoked by uid 99); 8 May 2008 19:15:06 -0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of sgoeschl@gmx.at designates
 213.165.64.20 as permitted sender)
X-Authenticated: #35915548
X-Provags-ID: V01U2FsdGVkX1/Eu44IImHEr1Mng3OqkFxBXFQodTbqbfZx3BrUhd
	2xdWSdI/dvDrqZ
Message-ID: <48235110.2070903@gmx.at>
Date: Thu, 08 May 2008 21:14:24 +0200
From: Siegfried Goeschl <sgoeschl@gmx.at>
Reply-To: sgoeschl@gmx.at
User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421)
MIME-Version: 1.0
To: dev@jsecurity.codehaus.org, general@incubator.apache.org
Subject: Looking around at JSecurity ....
X-Enigmail-Version: 0.95.6
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
X-Virus-Checked: Checked by ClamAV on apache.org

Hi folks,

a few thoughts along the line while  looking at the project

1) would it be possible to integrate non-Java application for SSO, e.g. 
using agents communicating to a central server or is this not the scope 
of the project (i.e. Java only) - might be a stupid question but I miss 
the big picture here

2) you expose strong cryptography based on Blowfish - please note that 
in Apache land this requires an ECCN code (for the brave and fearless 
see http://www.apache.org/dev/crypto.html) - you might consider exposing 
weak cryptography (up to 56 bit) to avoid the legal work ... :)

3) You are using retroweaver to support JDK 1.4 - are there two 
deliverables (one for 1.4 and 1.5) or only the backported one?

Cheers,

Siegfried Goeschl


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org