Encryption via RMI

Andreas Schulz-Dieterich (ASCHULZD@DE.oracle.com)
09 Apr 98 12:41:57 +0200

Message-Id: <199804091046.MAA13331@mailm1>
Date: 09 Apr 98 12:41:57 +0200
From: "Andreas Schulz-Dieterich" <ASCHULZD@DE.oracle.com>
To: java-security@web4.javasoft.com
Subject: Encryption via RMI

Dear Sirs,

in our big consulting project for the State of Berlin we are using RMI as
the
communication channel between the application server and the applet.

Due to privacy regulations we need to encrypt the transferred data with a
symmetric algorithm with at least 56 bit keys.

We are using JDK 1.1.2 on different flavours of Unix servers (HP, AIX, ...)
and for the moment Netscape Navigator 4.0 (+Patch) on Win95 as Client.

As far as I understand, JDK 1.2 will allow the usage of a "RMI socket
factory"
in combination with several SSL implementations (Baltimore, JCP, IAIK).

Unfortunately our system has to go into production within a month, so we are=

not in the situation to wait until JDK 1.2 will be production.

Do you have any helpful hints for our problems? Again, in short:
- How to encrypt a RMI connection in JDK 1.1.*?
- Which solution is available outside U.S.?

A few words on our background: Subject of the project BASIS II is the
realization of a technological re-development and functional enhancement of
the software for the Social Security of Berlin. Approximately 3000 users in
about 70 offices will use this system for about 400.000 cases. The project
is
scheduled to be finished by mid 2000, but the first part has to be delivered=

within a month.

Thank you for your help.

Sincerely
-Andreas Schulz-Dieterich

Andreas Schulz-Dieterich \\ Oracle Deutschland GmbH
Consultant \\ Oracle Consulting Services
Oramail:ASchulzD.de \\ Niederlassung Berlin
Phone: +49-30-435795-169 \\ Wittestr. 30 N
FAX: +49-30-435795-419 \\ 13509 Berlin
Email: ASchulzD@de.oracle.com \\
HTTP: http://www-basis.de.oracle.com (oracle internal only)
HTTP: http://www.oracle.com (available to everybody)