From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Mon, 26 Feb 1996 15:42:54 +0800
To: Adam Shostack <adam@lighthouse.homeport.org>
Subject: Re: Java configurability
In-Reply-To: <199602260229.VAA24656@homeport.org>
Message-ID: <Pine.SOL.3.91.960225215340.21721A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


Are you subscribed to coderpunks - this sounds very much like the 
SolidOak project on we're working on; this uses embedded singatures to 
authenticate bodies which vouch for the integrity of a class and it's 
referenced sub-classes. The current spec doesn't have dates for expiry in 
there, and doesn't really have versions for referenced classes (needs 
exact hashes), but does support signatures being added by multiple 
authorites at different times. It uses the Dns from the signatures as 
extra keys into the ACL.

I have to demo the currently speced system next week; after that I'll be 
trying to merge the spec with another simiar scheme to give a common 
standard for signed java classes; I'll try and post the spec as it 
currently stands tommorow when I'm at my dragon and can correct a few bits 
that got changed during implementation. 

Simon

---
They say in  online country             So which side are you on boys
There is no middle way                  Which side are you on
You'll either be a Usenet man           Which side are you on boys
Or a thug for the CDA                   Which side are you on?
  National Union of Computer Operatives; Hackers, local 37   APL-CPIO