Date: Fri, 17 Jan 1997 14:45:19 -0800 (PST)
From: David Rudder <drig@novitacom.com>
To: java-security@java.eng.sun.com
Subject: Re: questions for reviewers of Java security APIs
In-Reply-To: <199701172225.OAA03860@puffin.eng.sun.com>

On Fri, 17 Jan 1997, Marianne Mueller wrote:
>
> Dear Reviewers,
>
> Please take a moment to answer a couple of the questions below. Don't
> answer the ones you don't feel like answering, but please do take 10
> minutes to send us some feedback.
>
> We're especially interested in technical feedback on the APIs; the
> questions here are meant to prompt for feedback. Feel free to send in
> comments that don't fit into any of the questions below.
>
> Send feedback to java-security@java.sun.com.
>
> Send mail to mrm@eng.sun.com if you'd like to be taken off this
> announcement list.
>
>
>
> 1. Have you used the JDK 1.1 beta digital signature APIs?
No, but I looked at some of the pre-alpha classes. Seems as if you use
Diffie-Hellman key exchange with DSA for signatures. *shrug* Looks good
to me, particularly since Whitfield Diffie is a Sun employee.
> Which APIs? Have you used the code to write an application
> or an applet?
>
>
>
> 2. Have you used the JDK 1.1 beta digital signature technology
> to create signed JAR files? For applets or applications?
No. At this point, my work doesn't require it. I'd like to use this in
the future, but it still seems immature.
>
>
>
> 3. Do you plan to use the Java Cryptographic Extension APIs?
Yes, I hope.
> Check each class you plan to use:
>
> Cipher
> CipherInputStream
> CipherMode
> CipherOutputStream
> KeyGenerator
> SecretKey
Um, it depends on if you are using RSA or Diffie-Hellman and what the
licensing issues are. I won't use Diffie-Hellman for any privacy
concerns (vulnerable to the man in the middle attack according to Bruce
Schneier), but for authentication, it should be fine. The problem with
your API is:
  - There is no clear cut way of figuring out what it does
  - You don't supply the source code
I can't trust a class that I don't have the source code to when it comes
to cryptography.
> DES
check
> PKCS5
check
>
>
>
> 4. Have you read through the JCE APIs?
I try to read everything you send us. I'm getting confused with all the
acronyms, though, so I forget what JCE stands for. Is this Java
Cryptographic Extensions? I've seen a JCK, which I forget what it stands
for, and a JEC which is Java Electronic Commerce, but I can't seem to
find any JCE.
As far as the crypto-stuff goes, the only stuff I've found has been a
Javadoc output. It wasn't very helpful.
> Was any part difficult to understand? Do you have any comments on
> the overall structure of the APIs?
Just that you should either release the source code or not bother
releasing it at all. This isn't because I want free software. You're
already giving it away for free. Rather, I want software I can trust.
As it stands, I have no good reason for believing your stuff is secure.
>
>
>
> 5. Are you more interested in the API (application programmer interface)
> or the SPI (service provider interface?) Is this difference clear?
I have no clue what you're talking about.
>
>
>
>
> 6. What other cryptographic APIs are you using?
I used Systemic's Crypto classes, but eventually had to write my own for
100% Java. I'd have much preferred using a premade package, but there
wasn't anything available at the time. And, of course, I need the source
code.
Actually, I am using one Sun class. java.security.Numeric. I think you
discontinued this, but it is a very nice multiple precision integer
library and you should continue to use it. I fear a little for the
security in using this class, but I'm not ready to write my own, so I
guess I made a (possibly unwise) concession.
>
>
>
> 7. What is your development platform? (win95, winNT, solaris, macos, linux,
> ...)
Linux
>
>
>
-Dave
drudder@novitacom.com
Least Favorite Acronym: ASAP
Favorite Acronym: GNU