Javasoft SSL Beta

Warren McCoubrey (mccoubre@direct.ca)
Mon, 10 Mar 1997 18:23:48 -0800

Date: Mon, 10 Mar 1997 18:23:48 -0800
From: Warren McCoubrey <mccoubre@direct.ca>
To: java-security@java.eng.sun.com
Subject: Javasoft SSL Beta

Hello,
I have a number of questions wrt the SSL API released early last week
(beta java web-server).

1. What exactly does SSLServerSocket.setNeedClientAuth() do ? Is the
server instructing the client to perform a self-authentication , or is
the server instructing the client to sign something and send it back so
that the server can verify it. The documentation accompanying the java
web-server mentions that SSL client authentication is currently not
supported, how does this relate to the setNeedClientAuth() method ?

2. If SSL client authentication is not supported in the Beta release,
will the exception SSLPeerUnverfied be thrown when the server attempts
to access the client's certificate chain ?

3. What index value is used on an authentication context by a SSL socket
or socketServer to obtain the private keys or certificates used to
self-authenticate or initate a SSL handshake. Is there a fixed index ?
In the alpha2 release, a SSL socketServer was constructed with a
private-key and certificate chain. How does it get that info now ?

4. I believe that there was a class supporting X.509 cerficate chains in
the alpha2. I can't seem to find it in the API documentation. Any ideas
?

/warren