Nelson B Bolyard wrote:
On 2010-04-30 06:38 PST, Bob Foss wrote:
There are no artifacts on the ftp site for JSS 4.3.2:
ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/
Check again. You may find it has been updated.
Thank you.
--
dev-tech-crypto mailing list
dev-tech-crypto@list
On 2010-04-30 06:38 PST, Bob Foss wrote:
> There are no artifacts on the ftp site for JSS 4.3.2:
> ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/
Check again. You may find it has been updated.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla
Bob Foss wrote:
Since, the restriction is primarily on the actual crypto algorithms,
I'm going to see if I can rebuild with the 3 SSL classes in a separate
jar ahead in the classpath.
I just wanted to post a follow-up, that I was able to build a second
jss-ssl.jar which just contained org.mozil
On Fri, Apr 30, 2010 at 6:38 AM, Bob Foss wrote:
>
> There are no artifacts on the ftp site for JSS 4.3.2:
> ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/
>
> Has 4.3.2 been marked RTM?
>
> Unfortunately, Sun's JRE requires signed jars for JCE providers,
&
On 2010/04/30 11:11 PDT, Marsh Ray wrote:
> On 4/30/2010 12:51 PM, Bob Foss wrote:
>>
>> Everything, I've read indicates that a JCE Provider's signing cert
>> must be signed by a cert from Sun (or maybe IBM).
>>
>> http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvid
On 4/30/2010 2:02 PM, Bob Foss wrote:
>
> Here you are importing the certificate into a keystore which is
> only used to sign your jar file. It's not a keystore that contains
> the root CA used to verify all JCE providers when loaded by the JVM.
But if that were the case, why would they send you
Marsh Ray wrote:
On 4/30/2010 12:51 PM, Bob Foss wrote:
Everything, I've read indicates that a JCE Provider's signing cert
must be signed by a cert from Sun (or maybe IBM).
http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step6
http://java.sun.com/ja
Something was bothering me about this document...
On 4/30/2010 1:11 PM, Marsh Ray wrote:
>
> http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step61
> :
>> You will receive an email message containing two plain-text file
>> attachments: one file containin
On 4/30/2010 12:51 PM, Bob Foss wrote:
>
> Everything, I've read indicates that a JCE Provider's signing cert
> must be signed by a cert from Sun (or maybe IBM).
>
> http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html#Step6
http://java.sun.com/javase/6/doc
Nelson B Bolyard wrote:
On 2010-04-30 10:25 PST, Marsh Ray wrote:
On 4/30/2010 12:17 PM, Nelson B Bolyard wrote:
Unfortunately, Sun's JRE requires signed jars for JCE providers,
so the Mozilla signed jar file is pretty useful.
Signed bits may be available directly from Sun. It&#
On 2010-04-30 10:25 PST, Marsh Ray wrote:
> On 4/30/2010 12:17 PM, Nelson B Bolyard wrote:
>>> Unfortunately, Sun's JRE requires signed jars for JCE providers,
>>> so the Mozilla signed jar file is pretty useful.
>> Signed bits may be available directly from Sun. I
On 4/30/2010 12:17 PM, Nelson B Bolyard wrote:
>
>> Unfortunately, Sun's JRE requires signed jars for JCE providers,
>> so the Mozilla signed jar file is pretty useful.
>
> Signed bits may be available directly from Sun. It's also conceivable
> that IBM or
ut the same time as Oracle's acquisition of Sun, three of Sun's
NSS development team members left Sun. One of them was Sun's lead JSS
developer. I was another of them.
> Unfortunately, Sun's JRE requires signed jars for JCE providers,
> so the Mozilla signed jar file
org/show_bug.cgi?id=530575
>
There are no artifacts on the ftp site for JSS 4.3.2:
ftp://ftp.mozilla.org/pub/mozilla.org/security/jss/releases/
Has 4.3.2 been marked RTM?
Unfortunately, Sun's JRE requires signed jars for JCE providers,
so the Mozilla signed jar file is pretty useful.
Abraham wrote:
> Hi,
>
> I've downloaded the jss latest version (.jar 4.2.5, windows), but the sign
> appears as caduced (older version too). Is this so?
>
I'm not quite sure what "caduced" means but I think you're stating that
if you
run "jarsigner -verify jss4.jar" you get:
jar verified.
Wa
Hi,
I've downloaded the jss latest version (.jar 4.2.5, windows), but the sign
appears as caduced (older version too). Is this so?
Regards, Abraham.
___
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/d
16 matches
Mail list logo
