module file reading/writing
Dalibor Topic
Dalibor.Topic at Sun.COM
Tue Mar 30 15:45:06 PDT 2010
Sean Mullan wrote:
> Hi Dalibor,
>
> I'm wondering why you would want to extract a module-file?
I implemented it because it made testing the module format during
development a bit simpler - extract, compare with originals, on to
the next part in the spec.
> Wouldn't you
> always want to install to a library directly from a module-file?
Yes.
> I'm also thinking about when signatures should be verified. Once you
> extract the module, the signature can no longer be subsequently verified
> (since it is over the compressed content). However, it seems that
> signature verification (and other security validation logic such as
> certificate validation, policy checks) should really be done as part of
> the install phase.
Yep.
> Can you describe what the difference is between extract and install, and
> why you need both?
Extract really just treat the module file as a container for data,
which becomes problematic once we have signatures to keep for
verification - so I don't think that we need both.
cheers,
dalibor topic
--
*******************************************************************
Dalibor Topic Tel: (+49 40) 23 646 738
Java F/OSS Ambassador AIM: robiladonaim
Sun Microsystems GmbH Mobile: (+49 177) 2664 192
Nagelsweg 55 http://openjdk.java.net
D-20097 Hamburg mailto:Dalibor.Topic at sun.com
Sitz der Gesellschaft: Sonnenallee 1, D-85551 Kirchheim-Heimstetten
Amtsgericht München: HRB 161028
Geschäftsführer: Thomas Schröder
More information about the jigsaw-dev
mailing list