Date: Fri, 25 Jun 1999 15:14:43 -0400
From: "Ralph G. Puga" <puga@tislabs.com>
To: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: JCE Keystore Bug ???
Jan,
Is there away to use the keytool to import x509v3 certificates and
associate them with both a private and public key pair? If so, how? I
have not been able to figure out a way to do this using the keytool.
Thanks,
--Ralph P.
Jan Luehe wrote:
>
> Ralph:
>
> > I have several questions regarding your answer.
> >
> > 1) If you are adding support for storing session keys in the JCE keystore in
> > an upcoming JCE 1.2 FCS release, what if any difference is there between the
> > JKS and the JCEKS implementations ?
>
> The implementation of the protection algorithm for
> sensitive key information differs between JKS and JCEKS.
>
> JCEKS provides a much stronger protection algorithm,
> based on triple DES.
>
> We did not put any strong crypto into the JDK,
> in order to avoid any export issues.
>
> > 2) When is the next JCE 1.2 FCS with the secret (session) key support due to
> > be released ?
>
> Hopefully within this month.
>
> Jan
-- Ralph G. Puga NEW---> puga@tislabs.com (!NEW!) NAI Labs (443) 259-2323 (Voice) 3060 Washington Rd. (RT.97) (800) 918-0622 (Beeper) Glenwood, MD 21738 (443) 259-2300 (Main) (301) 854-4731 (FAX)