ws-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Darrel Drake" <>
Subject Re: SSL client authentication -- Introduction
Date Wed, 01 Nov 2000 03:50:11 GMT

In case Stoyan was speaking for others too, I'll introduce myself. I am
Darrell Drake, and I'm a relatively new addition to the IBM Tokyo Research
Laboratories SOAP team. I'm learning how to implement SSL connections both
from a Java standpoint and from a server-administration standpoint. I'm
interested in extracting transport-layer SSL information (especially client
certificates but actually anything) into the SOAP platform so that by
exposing an API to this transport class the SOAP application.

About my questions: after looking at the samples more closely, I understand
how a KeyManagerFactory object works much better now. But I'm still not
sure if the way I was using KeyStore is best. I'm going to re-phrase the
question like this:

There's two levels of password protection for a KeyStore, but what should
those levels represent? I assumed user-level and domain-level. What else
could it be? Is there a convention about it? Mr. Wray doesn't encrypt his
keystore file, is that general practice?

Darrell Drake       ドレイク・ダレル
IBM Japan, TRL      日本 アイ・ビー・エム
+81-46-215-4175     東京基礎研究所

From: "Stoyan Jordanoff" <> on 2000/10/28 03:52

Please respond to

To:   <>
Subject:  Re: SSL client authentication

excuse me who are you?
----- Original Message -----
From: "Darrel Drake" <>
To: <>
Sent: 27/10/2000 1:43 AM
Subject: SSL client authentication

> I think this is a sort-of newbie question so I'm sorry in advance. But
> JDC bulletin board on JSSE is apparently unknown to the real world so I
> need to ask this question here.
> In all the examples of SSL client authentication that I've seen (all 2 of
> them, thanks for #2 Mr. Wray), the KeyStore is passed to the
> KeyManagerFactory, which then makes some KeyManagers and those are passed
> to the SSLContext. This challenges my perception of how a KeyStore is
> supposed to be used.

View raw message