Michael,
On 12/28/21 03:01, Michael Osipov wrote:
Am 2021-12-28 um 01:20 schrieb Christopher Schultz:
It's always fun finding out ANOTHER RFC that only one tool in the
world actually uses these days, or does so in some configuration.
(Ahem, OpenSSL).
Two issues:
* Complexity
* Why do it ourselves when you see that there are idiots do it for free?!
You and I are both those idiots :/
Keystore: Do you consider to turn this into a keystore type actually?
Nope.
Maybe that be would nice, standard API, new impl. Version 2.0?
Perhaps. They are very parallel.
While I cannot tell about the EC parameters, the rest should be
covered by the KeyStore API. WDYT?
The interface looks like this:
public PEMFile(Reader|InputStream);
public Entry getNext();
The Entry class is a superclass of a bunch of things like
CertificateEntry, PrivateKeyEntry, PublicKeyEntry, etc. Those things
know how to put themselves back into PEM format as well, though
without any encryption.
Does your impl comply with RFC 7468?
In what way? I only skimmed a few parts, but it seems like it's just a
collection of recaps of already-existing RFCs and "de facto" behaviors.
Also, don't use the term 'PEM', it has been long superseded,
especially when the aformentioned RFC came out. People use it out of
habit, although it does not really apply anymore.
PEM-encoded DER file? I don't see that as being superseded. I suppose
"RFC 7468-complaitn textual format" could be used, but I'll stick with
"PEM file" since that's what everyone calls them.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
