[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] TrustEngine and other security services

Thanks John,

I see that the code you mention does use a TrustEngine to attempt to persist newly trusted certificates.  But I wonder if there are any implementations of the TrustEngine service that are not read-only.  The framework registers a built-in TrustEngine that is backed by the CA certs that are configured with the VM but this TrustEngine is read-only.

Tom



Inactive hide details for John Arthorne ---01/02/2013 08:43:48 AM---p2 uses the TrustEngine to persist newly trusted certificatJohn Arthorne ---01/02/2013 08:43:48 AM---p2 uses the TrustEngine to persist newly trusted certificates after  prompting the user. See org.ecl

From: John Arthorne <John_Arthorne@xxxxxxxxxx>
To: Equinox development mailing list <equinox-dev@xxxxxxxxxxx>,
Date: 01/02/2013 08:43 AM
Subject: Re: [equinox-dev] TrustEngine and other security services
Sent by: equinox-dev-bounces@xxxxxxxxxxx





p2 uses the TrustEngine to persist newly trusted certificates after prompting the user. See org.eclipse.equinox.internal.p2.engine.phases.CertificateChecker. 

http://git.eclipse.org/c/equinox/rt.equinox.p2.git/tree/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java 

John
 



From:        
Thomas Watson <tjwatson@xxxxxxxxxx> 
To:        
Equinox development mailing list <equinox-dev@xxxxxxxxxxx>,
Date:        
01/02/2013 09:28 AM 
Subject:        
Re: [equinox-dev] TrustEngine and other security services 
Sent by:        
equinox-dev-bounces@xxxxxxxxxxx 




The TrustEngine is largely used as an implementation detail behind the org.eclipse.osgi.signedcontent package.  OSGi services published with using the org.eclipse.osgi.service.security.TrustEngine interface are used to determine the authenticity of a certificate chain used to sign content (jars, bundles etc.).  I did not remember p2 using the TrustEngine directly, but perhaps it does for authenticating other types of certificates.

Sorry, other than the javadoc published for the packages there is not a lot of documentation here.

Tom




Inactive hide details for Pascal Rapicault ---12/29/2012 03:51:46 AM---The p2 engine makes use of the TrustEngine, however I doPascal Rapicault ---12/29/2012 03:51:46 AM---The p2 engine makes use of the TrustEngine, however I don't remember the details of how it works. Yo

From:
Pascal Rapicault <pascal@xxxxxxxxxxxxx>
To:
Equinox development mailing list <equinox-dev@xxxxxxxxxxx>,
Date:
12/29/2012 03:51 AM
Subject:
Re: [equinox-dev] TrustEngine and other security services
Sent by:
equinox-dev-bounces@xxxxxxxxxxx




The p2 engine makes use of the TrustEngine, however I don't remember the details of how it works.
You may also want to poke around at other parts of p2 as I just happen to remember about this ref in the engine, but there may be others.

HTH

Pascal

On 2012-12-29, at 5:47 AM, Scott Lewis wrote:

> Hello,
>
> Is there documentation on Equinox security services like org.eclipse.osgi.service.security.TrustEngine service...and implementation?  I looked in the Equinox Security area [1], but didn't find a lot of service/API docs.   Is/are there examples of using the TrustEngine service(s)?
>
> Thanks,
>
> Scott
>
>
>
> _______________________________________________
> equinox-dev mailing list
> equinox-dev@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/equinox-dev

_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx

https://dev.eclipse.org/mailman/listinfo/equinox-dev

_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx

https://dev.eclipse.org/mailman/listinfo/equinox-dev
_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/equinox-dev

GIF image