Date: Tue, 16 Dec 1997 12:55:07 -0800 (PST)
From: Jan Luehe <Jan.Luehe@Eng>
Subject: Re: Question/Comment about Java Cryptography Architecture API Specifi cation & Rreference
To: java-security@web1.javasoft.com, fvl@computas.no
Filip:
> I just read the document from your site, and was a bit disappointed
> because the term 'cryptography' is at least a bit misleading: the
> document deals with hashes, keys, signing and verifying a digital
> signature, but there is no encryption API. I suppose this is because
> SUN wouldn't be allowed to export any product with strong cryptographic
> mechanisms (or hooks to it) from the US to the rest of the world, and
> an API which would support full DES or RSA could be regarded as such a
> product. However, I would like that you wouldn't use 'Cryptography' in
> the title of your document, but rather use a restricting term like
> 'Digital Signature' or such.
Cryptography has many aspects, including digital signatures and
message digests, and is not limited to encryption/decryption only.
The only reason why we do not include a discussion of ciphers and
session key negotiation in the document mentioned by you is
because of U.S. export control restrictions.
There is companion document under
http://java.sun.com/security/JCE1.2/earlyaccess/API_users_guide.html
which contains all the additonal information you are looking for.
Unfortunately, this document can only be downloaded from U.S./Canada
sites.
>
> There is also a small comment on the properties of a digest (in The
> MessageDigest Class). People often also like that a digest has the
> property that it is computationally infeasible to find any two
> (non-trivial) different input strings that will generate the same
> digest. This property is a harder property, but may be important in
> some cases. You may want to mention the property anyway.
Thanks, we'll add this!
Jan