[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] An Idea for Version 3




It would be nice to see some improvements in the Trustdeciding area 
especially if certificate extensions are present.
The one thing is that critical extensions that are not understood lead to 
rejecting a certificate. I think of something like this 

TrustDecider td;
....
BasicContraintDecider bcd = new ...
td.add( bcd );
td.isTrustedPeer(certs) // SSLCertificate or something else

and in this method:
if (!bcd.check(i,certs)) return false;


It's just an idea. What do the others think?

	Stefan

--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce