JDK-6273877 : Better support for NSS keystore
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto:pkcs11
  • Affected Version: 6
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2005-05-20
  • Updated: 2010-04-02
  • Resolved: 2005-05-27
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
6 betaFixed
Related Reports
Duplicate :  
From http://jplan.sfbay/feature/076 :

Network Security Services (NSS) is the library that is used for all security functions in Mozilla as well as by all native components of the JES stack. Via the PKCS#11 support in Tiger, it is already possible the access the NSS keystore. This feature intends to address a few missing pieces:

 . NSS stores configuration information about its PKCS#11 modules in its secmod.db file, which we currently do not understand. By accessing this information we could reduce/eliminate the need for manual configuration.

 . NSS uses non-standard attributes to mark certificates as trusted. We should add support for them.

AppServer and Access Manager have expressed their unhappiness about the current state of affairs and the extra work it causes them.

Plugin decided to use the JSS library to access NSS rather than the JDK's PKCS#11 support because of the configuration issue. However, JSS is receiving little attention in Sun now and therefore may not be a viable long term solution.

###@###.### 2005-05-20 18:41:46 GMT

EVALUATION Integrator marking as integrated. Please check with RE in order to determine what the real evaluation was. ###@###.### 2005-05-27 16:34:35 GMT