Hi, CCed the main classpath and gcj mailinglists to make everybody aware of this. On Sun, 2004年08月08日 at 04:48, Casey Marshall wrote: > I've updated the patch to import the APIs from GNU Crypto and Jessie, > which is still here: > > <http://syzygy.metastatic.org/crypto.patch.gz> > <http://syzygy.metastatic.org/crypto.ChangeLog> > > This cleans up a few comments, and adds the javax.security.sasl > package. > > I don't know when this will go in, nor am I sure that this is > completely compatible with the changes to the build scripts. Thanks! Sorry for the long delay. Yes, it can fianlly go in (but see below). I just wanted to clear everything with FSF legal first. So we know what the impact is on projects that are based on GNU Classpath. The situation with respect to U.S Export Regulations when we distribute crypto code is as follows: Free Software implementing crypto can in principle be exported from the U.S. when a certain BIS/ENC notification process is followed. The FSF has the required notfications on savannah and ftp.gnu.org to cover all GNU projects (this means GCC is automatically covered). This notification also covers all mirrors of GNU Classpath (or any project hosted on savannah/ftp.gnu.org). Note that it does not automatically cover new projects based on GNU Classpath that incorporate the new encryption source code when it is (re)exported from the U.S (like Kaffe). If you want to do that then please see the Bureau of Industry and Security (www.bxa.doc.gov) for more information about current U.S. regulations. In particular you will have to contact the BIS and the ENC Encryption Request Coordinator: http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html With that out of the way I want to thanks Casey and the other GNU Crypto hackers for making this possible in the first place. About the patch and the ChangeLog. They look fine to me. I only had two issues. First javax/net/ssl/HandshakeCompletedEvent.java and javax/net/ssl/SSLSession.java use javax.security.cert.X509Certificate. I don't know if we even want to provide the javax.security.cert package since it is obviously not needed by anyone (or is it?) Second you need to add the new Makefiles in the resources subdirectories to the configure.ac file (see below). With that fixed make distcheck works correctly and the source compiles with both jikes and gcj. So please check this in. And maybe we want to add a little NEWS blurb like: * New javax.crypto, javax.crypto.interfaces, javax.crypto.spec, javax.net, javax.net.ssl, javax.security.auth, javax.security.auth.callback, javax.security.auth.login, javax.security.auth.x500, javax.security.sasl and org.ietf.jgss are now officially part of GNU Classpath. Extra crypto algorithms can be obtained from the GNU Crypto project, a full TLS implementation is provided by the Jessie project. http://www.gnu.org/software/gnu-crypto/ http://www.nongnu.org/jessie/ Thanks, Mark Patch for configure.ac: --- configure.ac 1 Aug 2004 21:31:11 -0000 1.43 +++ configure.ac 13 Aug 2004 15:40:18 -0000 @@ -324,6 +324,9 @@ resource/java/Makefile resource/java/util/Makefile resource/java/security/Makefile +resource/org/Makefile +resource/org/ietf/Makefile +resource/org/ietf/jgss/Makefile lib/Makefile lib/gen-classlist.sh examples/Makefile])
Attachment:
signature.asc
Description: This is a digitally signed message part