[Standards-JIG] Encrypted sessions

Ian Paterson ian.paterson at clientside.co.uk
Sat Jun 10 11:52:27 UTC 2006


Jean-Louis wrote:
> Ian, I believe everybody appreciate your very cooperative 
> approach. And the JEP is of very good quality, showing you 
> did your homework.

Thanks :-)

> Speaking of re-use, I was wondering how much of the PKI key 
> management that is usually available on today's workstations 
> can be used to store the DH keys and integrated in a client 
> implementation? Long hours have already been spent by others 
> to make these stores "somewhat" secure. Leveraging these 
> stores would IMHO speed up adoption. But I am no client 
> programming expert. What is your view?

I agree implementors should use the existing stores where possible.

I expect you are aware that the "java.security" package includes the
"KeyStore" class which features a "store" method. I expect it would need
to be extended to support DH keys though - since they are not mentioned
here:
http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA

I don't know which libraries are available for other languages (since my
primary development language is JavaScript).

- Ian




More information about the Standards mailing list