zoukankan      html  css  js  c++  java
  • PSE Access Service

    http://weblogs.java.net/blog/bondolo/archive/2006/04/pse_access_serv.html

    ——————————————————————————————————————————————————————

    PSE Access Service

    Posted by bondolo on April 14, 2006 at 2:09 PM EDT
    A couple of weeks ago I mentioned a new PSE based Access Service for JXTA. Well, a primordial version has now appeared as part of issue #1517. The current version is functional, but not deployable since it isn't actually secure.

    The point of posting this early version is to attempt to better understand the required API and usage patterns. I encourage JXTA application developers to begin exploring using Access Service in their programs. I've been doing so myself with an experimental enhancement to the Resolver Service which makes use of the new PSE Access Service. I'll probably post the modified Resolver Service in a few days when I'm more comfortable with the changes.

    It seems that integrating the PKIX validation (RFC 3280) may be a chore. Not that it's that hard, but it seems like there may be some work in getting all the various bits into the appropriate structures. For now the validation done by the PSE Access Service simply compares certificates chains via equals() to ensure that the provided credential was issued by a signer who had a parent in the "operation" certificate chain. This produces results which are naively the same as PKIX validation but it can be easily fooled by hand constructed certificate chains and it ignores matters such as certificate expiring and CRLs.

     

  • 相关阅读:
    如何实现虚拟机(VirtualBox)中的Ubuntu与Windows XP间的数据共享
    linux中安装sqlmap
    LookupError: unknown encoding: cp65001解决办法
    共勉
    Linux中安装Nginx
    touch: cannot touch `/home/tomcat7/logs/catalina.out': Permission denied
    程序猿的十一条浮躁表现
    MySQL中varchar类型排序
    Gson和FastJson
    jquery-messager-消息提示
  • 原文地址:https://www.cnblogs.com/cuizhf/p/2222265.html
Copyright © 2011-2022 走看看