Re: JCE Keystore Bug ???

Ralph G. Puga (puga@tislabs.com)
Fri, 25 Jun 1999 15:14:43 -0400

Date: Fri, 25 Jun 1999 15:14:43 -0400
From: "Ralph G. Puga" <puga@tislabs.com>
To: Jan Luehe <luehe@laguna.eng.sun.com>
Subject: Re: JCE Keystore Bug ???

Jan,

Is there away to use the keytool to import x509v3 certificates and
associate them with both a private and public key pair? If so, how? I
have not been able to figure out a way to do this using the keytool.

Thanks,
--Ralph P.

Jan Luehe wrote:
>
> Ralph:
>
> > I have several questions regarding your answer.
> >
> > 1) If you are adding support for storing session keys in the JCE keystore in
> > an upcoming JCE 1.2 FCS release, what if any difference is there between the
> > JKS and the JCEKS implementations ?
>
> The implementation of the protection algorithm for
> sensitive key information differs between JKS and JCEKS.
>
> JCEKS provides a much stronger protection algorithm,
> based on triple DES.
>
> We did not put any strong crypto into the JDK,
> in order to avoid any export issues.
>
> > 2) When is the next JCE 1.2 FCS with the secret (session) key support due to
> > be released ?
>
> Hopefully within this month.
>
> Jan

-- 
Ralph G. Puga               NEW--->    puga@tislabs.com (!NEW!)
NAI Labs                               (443) 259-2323 (Voice)
3060 Washington Rd. (RT.97)            (800) 918-0622 (Beeper)
Glenwood, MD 21738 (443) 259-2300 (Main) (301) 854-4731 (FAX)