Java开发网 Java开发网
注册 | 登录 | 帮助 | 搜索 | 排行榜 | 发帖统计  

您没有登录

» Java开发网 » Java Security  

按打印兼容模式打印这个话题 打印话题    把这个话题寄给朋友 寄给朋友    该主题的所有更新都将Email到你的邮箱 订阅主题
flat modethreaded modego to previous topicgo to next topicgo to back
作者 for x.509 certificate
lping9188



发贴: 0
积分: 0
于 2003-04-08 16:13 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
由于业务系统的需要,能否在X.509格式的证书(或其扩展)中,加入其它的一些用户信息?能否提供一些相关的资料?
先谢谢了



作者 Re:for x.509 certificate [Re:lping9188]
menzy



版主


发贴: 754
积分: 113
于 2003-04-09 07:46 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
你需要加如何种信息?
首先,如果需要扩展,‘必须X509v3格式
其次,MerchantData私用扩展可以满足部分需要
但是,我觉得你所提是的用户信息不应当放再证书里面,而是应当放在application中控制



作者 Re:for x.509 certificate [Re:menzy]
floater

Java Jedi

总版主


发贴: 3233
积分: 421
于 2003-04-10 03:42 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
menzy wrote:
你需要加如何种信息?
首先,如果需要扩展,‘必须X509v3格式
其次,MerchantData私用扩展可以满足部分需要
但是,我觉得你所提是的用户信息不应当放再证书里面,而是应当放在application中控制

agreed! If it's not cert related, put it somewhere else, e.g., db, and hook it with the DN name in the cert.



"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
- Martin Fowler, Refactoring - Improving the Design of Existing Code
作者 Re:for x.509 certificate [Re:lping9188]
lping9188



发贴: 0
积分: 0
于 2003-04-10 05:43 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
谢谢版主的回复。
我的本意是能不能产生一个商品证书,不仅有公钥等信息,还包括商品的一些属性,而这些属性值放在证书里的原因,有两点:
1、希望该属性值能够得到权威机构(如CA)的确认;
2、网上其它用户通过证书也能得到属性值。
这只是我不成熟的想法,
不知可不可行,还望指教
谢谢



作者 Re:for x.509 certificate [Re:lping9188]
floater

Java Jedi

总版主


发贴: 3233
积分: 421
于 2003-04-10 11:32 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
I don't think you can do this at least in here, because there is a legal document associated with this CA. I don't know the details about legal stuff, but I know it's a huge issue, I forgot the word for it(damn!) but it did drag me for several months.

Besides, I don't feel right about this idea, bundling the product info, nay.



"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
- Martin Fowler, Refactoring - Improving the Design of Existing Code
作者 Re:for x.509 certificate [Re:lping9188]
menzy



版主


发贴: 754
积分: 113
于 2003-04-10 15:47 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
目前不可能,尤其是需要通过CA这一关。
为什么有这种需求呢?



作者 Re:for x.509 certificate [Re:lping9188]
lping9188



发贴: 0
积分: 0
于 2003-04-10 16:23 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
目前参与一个安全数据交换的协议的设计,这个协议有一些假定,
我仅是想将一些假定正确的数据”放”到证书里去,从而交易的双方都知道,来实现假定。
顺便问一下,有无类似证书的数据结构,如果没有,只能设计一个类罗?
谢谢



作者 Re:for x.509 certificate [Re:lping9188]
floater

Java Jedi

总版主


发贴: 3233
积分: 421
于 2003-04-10 22:30 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
There is a X509 class in java.


"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
- Martin Fowler, Refactoring - Improving the Design of Existing Code
作者 Re:for x.509 certificate [Re:lping9188]
menzy



版主


发贴: 754
积分: 113
于 2003-04-11 13:27 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
X509 class cannot fit in your requirements


作者 Re:for x.509 certificate [Re:lping9188]
lping9188



发贴: 0
积分: 0
于 2003-04-14 21:41 user profilesend a private message to usersearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
Thanks a lot!
I'll solve this problem by other means.




flat modethreaded modego to previous topicgo to next topicgo to back
  已读帖子
  新的帖子
  被删除的帖子
Jump to the top of page

   Powered by Jute Powerful Forum® Version Jute 1.5.6 Ent
Copyright © 2002-2018 Cjsdn Team. All Righits Reserved. 闽ICP备05005120号
客服电话 0592-8750026    客服信箱 714923@qq.com    客服QQ 714923