santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Scott Cantor" <>
Subject RE: JuiCE - some ideas and a proposed draft "roadmap"
Date Wed, 09 Nov 2005 00:00:24 GMT
> Well, JuiCE seems to be dormant since about 1 1/2 year. The
> homepage still says the mailing lists need to be created - thus
> I'm sending this info to WSS4J and security-dev to get some
> info and feedback to the proposals/ideas listed below.

The JuiCE idea came from some early work that was done by some developers on
the Shibboleth (and OpenSAML) projects because early versions of xmlsec were
extremely slow. At the time, something like JuiCE seemed like a worthwhile
project and some people involved with WSS4J asked if we'd donate the
project, so we did.

Shortly after that, Raul (bless him) got involved with the xmlsec code and
did a serious number on it that basically tripled the performance overnight.
Needless to say, the impetus for JuiCE lost its, umm, juice.

There's certainly no objection on our part to somebody reviving it if
there's interest and effort there.

I think one small issue left for JuiCE was to make it properly thread safe.

> There is one missing link: to use JuiCE we need a certificate signed
> by Sun (Sun acting as a certificate authority in this case). There
> is (somewhere in the latest doc about JCE provider)
> a description how to get such a certificate - I can check it
> and provide the necessary info. This certificate must be used to
> sign the JuiCE jar

I think that's only required for certain things, but I don't really remember
anymore. I know it was tested a bit by us without doing that.

> Btw: I havn't checked it - but who has write access to the JuiCE
> SVN repos? Or can grant write access to it?

I don't know if it's SVN, actually. I know of some of the Shib folks that
had write access, they can chime in, but I think we'd be happy to see others
take the lead on it.

-- Scott

View raw message