[cp-patches] Re: RFC: add a cacerts file under
Raif S. Naffah
raif at swiftdsl.com.au
Fri Jun 9 10:49:50 UTC 2006
On Friday 09 June 2006 09:16, Tom Tromey wrote:
> >>>>> "Mark" == Mark Wielaard <mark at klomp.org> writes:
> Mark> I CCed the devjam list on which a couple of different
> distribution Mark> packagers are subscribed. Devjam people, Raif
> added support for Mark> importing trusted ca-certs to GNU Classpath
> so our tls/ssl Mark> implementation for example can just reuse the
> ca-certs that are already Mark> packaged for an distribution (for
> example those used by Mozilla).
> I know zilch about this area, so forgive me if my questions are
> Why read these files and transform them into something we can
to offer similar capabilities as the RI's version of the keytool.
> Why not read them dynamically, as needed? That way if a
> new cert is installed, a newly run VM will pick it up automatically.
there are cases where this is not possible or desired:
* there is no such location on the machine with a Classpath + VM.
* these certificates are in more than one directory, with no direct
* the directory/directories containing these certificates exist but may
not be available or accessible to the keytool user.
* the same version of Classpath + VM, installed on different machines
may end up with different cacerts file.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20060609/106caf2d/attachment.pgp
More information about the Classpath-patches