| Topics |
-
Action Items
-
The action item concerning the installation of "PC Dan Anywhere" is still
open. Dan will install the client on Ming's laptop and the server on Grace's
SEI desktop.
-
Technical Note Draft 7
-
Draft 7 is still not ready. We are adding the comments returned by Scott
on Draft 6, information on write/delete capability, introduction, summary,
and abstract.
-
Status of write/delete capability
-
We are having problems with hashDelete(). It deletes the data from memory,
but not from the disk. This also happens in the C code.
-
Suggestions were:
-
Check the way the file is being opened (flags).
-
Get the C code to work first
-
Q&A Session
-
All questions were covered.
-
Decisions made:
-
The method deleteEntry() should work as it is now, that is, delete a certificate
and its private key if it has one and is not associated to other certificates.
-
Do not load certificates with an empty alias and an empty e-mail address.
-
The method setKeyEntry() should create a certificate with the first certificate
in the chain.
-
Add e-mail to the subject record if it has one.
-
The certificates in the chain, except for the first one, do not have to
be added to the keystore no do they have to exist.
-
The certificates in the chain, except for the first, do not have private
keys.
-
Stil open issues:
-
How to deal with duplicate certificates
-
Check OIDs to see if there is a better way to set the flags required by
Netscape in the subject record. Also look at what Netscape does.
-
What does Java mean by "trusted" certificatte
-
What does Java mean by protected key
-
Is there a way to determine the MIME options from the certificate. Look
at SEC_OID_PKCS9_SMIME_CAPABILITIES.
-
Test plan
-
Add test cases to the test plan based on user scenarios
-
Create a unit test for each method in NDBSKeyStore where all possibilities
for that method are tested
|