Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230262 Summary: Review Request: jss - Java Security Services (JSS) Product: Fedora Extras Version: devel Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: Package Review AssignedTo: nobody@xxxxxxxxxxxxxxxxx ReportedBy: rcritten@xxxxxxxxxx QAContact: fedora-package-review@xxxxxxxxxx Spec URL: http://directory.fedora.redhat.com/built/rpm_review/rcritten/jss.spec SRPM URL: http://directory.fedora.redhat.com/built/rpm_review/rcritten/jss-4.2.4-1.src.rpm Description: Java Security Services (JSS) is a java native interface which provides a bridge for java-based applications to use native Network Security Services (NSS). NOTE: JSS is a JCE-provider and needs to be signed in order to perform certain operations. Even though gcj doesn't enforce the signing requirement many of the JSS self-tests fail miserably, presumably due to deficiencies in gcj. The reason for requiring signing is to provide a level of confidence that the implemented provider you are using to perform your crypto operation is trusted. http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CertForm.txt "Only CSPs signed by a trusted entity can be plugged into the JCE framework." So the bottom line is that this JSS will work for some operations (like SSL client and server) but not for key generation and signing. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug, or are watching the QA contact. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review