From Weijun.Wang at Sun.COM Wed Sep 26 01:13:31 2007 From: Weijun.Wang at Sun.COM (Weijun Max Wang) Date: Wed, 26 Sep 2007 16:13:31 +0800 Subject: [security-dev 00015]: Retrieve the effective ProtectionDomains of a AccessControlContext? Message-ID: <46FA14AB.1060409@sun.com> Hi Guys What's the best way to find out what ProtectionDomains are effective currently (or for a given AccessControlContext)? For "effective", I mean those since the last doPrivileged call. Thanks Max From Bradford.Wetmore at Sun.COM Thu Sep 27 15:26:49 2007 From: Bradford.Wetmore at Sun.COM (Brad Wetmore) Date: Thu, 27 Sep 2007 15:26:49 -0700 Subject: [security-dev 00016]: Crypto has been added to OpenJDK Message-ID: <46FC2E29.9080707@sun.com> News from the encumbrance-removal front: For those who have already downloaded B21 from openjdk.java.net, you might have already noticed some new code. We have just added the cryptographic code (aka JCE) to the OpenJDK source tree. This includes the framework (javax.crypto and friends), the SunJCE provider, and the crypto portions of the SunPKCS11 and SunMSCAPI providers. The OpenJDK framework does not restrict which cryptographic providers can be used. That will not be appropriate for all situations, so let me stress: Compliance with United States export controls and with local law governing the import/export of products incorporating the JCE in the OpenJDK is the responsibility of the licensee. We (Sun) can not give legal guidance on this issue, so please consult a qualified attorney who specializes in import/export issues. Thanks for your patience during the removal of this encumbrance. Thanks, Brad From Janet.Koenig at Sun.COM Thu Sep 27 16:28:35 2007 From: Janet.Koenig at Sun.COM (Janet Koenig) Date: Thu, 27 Sep 2007 16:28:35 -0700 Subject: [security-dev 00017]: Re: Crypto has been added to OpenJDK In-Reply-To: <46FC2E29.9080707@sun.com> References: <46FC2E29.9080707@sun.com> Message-ID: <46FC3CA3.20607@sun.com> That's great news! I know this has been a big challenge so thanks for continuing to drive this and making it happen! Regards, Janet Brad Wetmore wrote: > > News from the encumbrance-removal front: > > For those who have already downloaded B21 from openjdk.java.net, you > might have already noticed some new code. We have just added the > cryptographic code (aka JCE) to the OpenJDK source tree. This > includes the framework (javax.crypto and friends), the SunJCE > provider, and the crypto portions of the SunPKCS11 and SunMSCAPI > providers. > > The OpenJDK framework does not restrict which cryptographic providers > can be used. That will not be appropriate for all situations, so let > me stress: > > Compliance with United States export controls and with local law > governing the import/export of products incorporating the JCE in the > OpenJDK is the responsibility of the licensee. > > We (Sun) can not give legal guidance on this issue, so please consult > a qualified attorney who specializes in import/export issues. > > Thanks for your patience during the removal of this encumbrance. > > Thanks, > > Brad From Bradford.Wetmore at Sun.COM Fri Sep 28 09:21:14 2007 From: Bradford.Wetmore at Sun.COM (Brad Wetmore) Date: Fri, 28 Sep 2007 09:21:14 -0700 Subject: [security-dev 00018]: Re: Crypto has been added to OpenJDK In-Reply-To: <46FCD99F.9030802@kaffe.org> References: <46FC2E29.9080707@sun.com> <46FC3CA3.20607@sun.com> <46FCD99F.9030802@kaffe.org> Message-ID: <46FD29FA.40706@sun.com> Dalibor Topic wrote: > Janet Koenig wrote: >> That's great news! I know this has been a big challenge so thanks for >> continuing to drive this and making it happen! >> Regards, >> Janet > > Thanks from over here, too. You're welcome. It was a...challenge, as Janet said. :) > No blog on planetjdk.org on it yet? ;) I've yet to create a blog. It's been on my to-do list for far too long. I would probably end up blogging about my outside pursuits, which might be boring unless you like marching bands, travel, or pyrotechnics (not the internal politics kind, but the ones in the sky). ;) I should really create one, I've got a couple topics that you might be interested in from the internal perspective. I'm one of several gatekeepers, so I started writing a couple ideas down about how our internal "gatekeeper" process works, and the overall process of getting fixes into OpenJDK while making sure the quality stays up. The quality *HAS* to stay up, as people will be betting their businesses (or have already) on the code all of us will be developing. Coding in this project is an awesome responsibility, and one that is sometime lost by people who just want to "play with something." Anyway, this quality perspective is "common knowledge" to us gatekeepers, so it might be worth sharing details about what really goes on in the trenches. It is probably a good topic for a blog rather than this email, so maybe I'll get off my duff and do it soon. Oh, and how the coming switch to Mercurial will rock our internal world. So many build/test scripts to update. Brad P.S. When I had gatekeeper duty years ago, if someone "broke the build," I would hang a hangman's noose made from an power cord over their office doorway. You didn't want the noose, because everyone knew what it meant without saying anything. I haven't quite figured out how to do a virtual noose, so please, just don't "break the build." ;) From robilad at kaffe.org Fri Sep 28 03:38:23 2007 From: robilad at kaffe.org (Dalibor Topic) Date: Fri, 28 Sep 2007 12:38:23 +0200 Subject: [security-dev 00019]: Re: Crypto has been added to OpenJDK In-Reply-To: <46FC3CA3.20607@sun.com> References: <46FC2E29.9080707@sun.com> <46FC3CA3.20607@sun.com> Message-ID: <46FCD99F.9030802@kaffe.org> Janet Koenig wrote: > That's great news! I know this has been a big challenge so thanks for > continuing to drive this and making it happen! > Regards, > Janet Thanks from over here, too. No blog on planetjdk.org on it yet? ;) cheers, dalibor topic