[Bug 230262] New: Review Request: jss - Java Security Services (JSS)
bugzilla at redhat.com
bugzilla at redhat.com
Tue Feb 27 20:57:32 UTC 2007
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230262
Summary: Review Request: jss - Java Security Services (JSS)
Product: Fedora Extras
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: Package Review
AssignedTo: nobody at fedoraproject.org
ReportedBy: rcritten at redhat.com
QAContact: fedora-package-review at redhat.com
Spec URL: http://directory.fedora.redhat.com/built/rpm_review/rcritten/jss.spec
SRPM URL: http://directory.fedora.redhat.com/built/rpm_review/rcritten/jss-4.2.4-1.src.rpm
Description:
Java Security Services (JSS) is a java native interface which provides a bridge
for java-based applications to use native Network Security Services (NSS).
NOTE: JSS is a JCE-provider and needs to be signed in order to perform certain operations. Even though gcj doesn't enforce the signing requirement many of the JSS self-tests fail miserably, presumably due to deficiencies in gcj.
The reason for requiring signing is to provide a level of confidence that the implemented provider you are using to perform your crypto operation is trusted.
http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CertForm.txt
"Only CSPs signed by a trusted entity can be plugged into the JCE framework."
So the bottom line is that this JSS will work for some operations (like SSL client and server) but not for key generation and signing.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the package-review
mailing list