Cryptix JCE for Java 1.4 Released

← Back to Stories (view on slashdot.org)

Cryptix JCE for Java 1.4 Released

Posted by michael on Friday January 3, 2003 @08:52AM from the java-plus-crypto-equals-good dept.

Yoda2 writes "A new snapshot of the Cryptix Java Cryptography Extensions (JCE) API was released on the Cryptix.org site yesterday. You can download the file here. Among other things, this finally allows for PGP encryption/decryption of files from the Java JDK 1.4 when used in conjunction with Cryptix OpenPGP."

24 comments

Min score:

Reason:

Sort:

worst post! by Anonymous Coward · 2003-01-03 09:07 · Score: 0

a toast to boast the first post ghost!
thank goodness by Anonymous Coward · 2003-01-03 09:07 · Score: 0

I've been waiting years for this, oh wait, no i haven't, i've never even heard of it before
one question.... by Anonymous Coward · 2003-01-03 09:09 · Score: 0

Michael, can we use this to censor people? If not, what do you recommend?
dumb name by Anonymous Coward · 2003-01-03 09:14 · Score: 0

sounds like a breakfast cereal. Or a toothpaste.

Or maybe a breakfast cereal and toothepaste in one!
SLASHDOTTED ALREADY! by Anonymous Coward · 2003-01-03 09:18 · Score: 0

there's a mirror here

Ed
obsolete soon :( by Anonymous Coward · 2003-01-03 09:21 · Score: 0

considering that Java 2.0 will be out real soon now (tm), I'm not sure why they bothered releasing a java 1.4 version.
1. Re:obsolete soon :( by ToastedBagel · 2003-01-03 20:09 · Score: 1
  
  > considering that Java 2.0 will be out real soon now (tm),
  
  Java 2.0? I've been looking for information about the release of Java 2.0 for last couple of hours (since I read your post), but I haven't found any. Are you sure Sun is releasing Java 2.0? Look, even if it were true, when is it really going to be released?
2. Re:obsolete soon :( by Anonymous Coward · 2003-01-03 22:25 · Score: 0
  
  Nope, the next Sun release is JDK 1.5 in spring 2003.
3. Re:obsolete soon :( by Anonymous Coward · 2003-01-05 13:26 · Score: 0
  
  gnu/java is curently at v 3.2.1, and 3.4 will be out by June.
great, but by Anonymous Coward · 2003-01-03 09:28 · Score: 0

well, it is nice to finally have a FREE encryption api, but it's not as FREE as they might have you believe.
First off, it uses Java, which is notoriously non- FREE. Due to heavy use of proprietary Sun (tm) Java(tm) extensions, it isn't usable with GNU java.
Second off, they rely on the PGP encryption too, which is closed source, and may contain NSA back doors. GPG would have been a better alternative
1. Re:great, but by ToastedBagel · 2003-01-03 14:22 · Score: 2, Insightful
  
  Hmmm...
  
  > First off, it uses Java, which is notoriously non- FREE.
  
  Are you talking about Java Verification Program (US$15,000 wow... http://www.keylabs.com/j2ee/trademark.html). Yes, it costs you a bit to get the license, but as long as you are writing (even enterprise) application for you or your organization, it's really free, right? No source code available for Sun JDK, but it costs US$0.00 to download it and use it, doesn't it?
  
  > Second off, they rely on the PGP encryption too, which is closed source, ...
  
  The reason that we have PGP today is that the author decided to make it open source (for various reasons), right? I just checked PGP Corporation web site (http://www.pgp.com/display.php?pageID=51#anch107) and they say that the source code is available. Am I missing something here?
In soviet russia... by Anonymous Coward · 2003-01-03 09:32 · Score: 0

they don't give a shit either!
Good stuff by Anonymous Coward · 2003-01-03 09:36 · Score: 0

cool. Hopefully, Linus will integrate this into the kernel soon. I know a lot of people that will switch from winblows once this is integrated.
Since my submission... by Yoda2 · 2003-01-03 09:37 · Score: 3, Informative

The Cryptix site was actually updated since my submission to announce an updated snapshot of OpenPGP. You can download it here.
1. Re:Since my submission... by Anonymous Coward · 2003-01-03 09:52 · Score: 0
  
  yeah, but no one cares.
10TH POST! by Anonymous Coward · 2003-01-03 09:42 · Score: 0
it's a new slashdot poll!
I think Kathleen (Fent) Malda is:
- A man in drag
- A transvestite
- A transexual
- You ever notice Cowboy Neal and Kathleen Fent are Never seen together?
WARNING - GOATSE LINK! by Anonymous Coward · 2003-01-03 09:47 · Score: 0

moderators, check the link! It redirects you to
goatse.cx. You have been warned.
Philosophy on an empty topic by Anonymous Coward · 2003-01-03 10:16 · Score: 0

If a person posts a Java story on Slashdot, and noone is around to reply to it, does it make a sound?
Progress by ChaosMourn · 2003-01-03 10:49 · Score: 3, Interesting

I'm glad to see this is finally making progress (at least their OpenPGP implementation is no longer a developer's release...), but I imagine it'll be a while yet until it's ready for commercial use. Unfortunately, it's the only game going for Java-based PGP (except for some API out of China). This leaves me doing some rather tacky things to use GPG in a commercial environment. Why is it that there's so little interest in a real Java API for PGP?
This is important by JohnA · 2003-01-03 13:10 · Score: 3, Insightful

Take note of this... until now, there were no open source implementations of the JCE that ran under JDK 1.4. Sun's implementation does not have source available, and they even went the extra step to obfuscate their JCE with DashO-Pro. Transparency is vital to cryptography, as anything less casts a shadow of doubt.

Just my humble opinion...
My prediction by 0x0d0a · 2003-01-03 17:39 · Score: 3, Insightful

I predict a stunning lack of impact in the Java using world -- people will continue using insecure storage and protocols and plaintext all over the place.

Developers *like* features. They have to have security *forced* upon them.

--
May we never see th
What about BouncyCastle by OttoM · 2003-01-03 20:31 · Score: 1

I think you are mistaken. BouncyCastle does have a JCE that is 1.5 compatible.
Cryptix is quite late with JCE compatibility.
1. Re:What about BouncyCastle by OttoM · 2003-01-03 20:36 · Score: 2, Informative
  
  Make that 1.4. I hit submit too soon by accident.
  What I meant to say is that until now, Cryptix implements the 1.1 version of JCE. This version was never offcially released by Sun. Any decent JCE provider should implement the 1.2 version of the JCE. Luckily Cryptix now seems to to this, after a long period of little activity.
2. Re:What about BouncyCastle by JohnA · 2003-01-04 04:52 · Score: 3, Informative
  
  Actually, I was referring to the JCE implementation as well as the provider implementation. According to the release page, their clean room JCE doesn't run under JDK 1.4. Cryptix provides a JCE implementation that runs under 1.4, as well as their provider.
  I was under the impression that the BouncyCastle license was less than free, but I was mistaken. It is a great package, and it's good to know that there are a variety of open implementations of strong crypto under Java.