james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig Raw <cr...@quirk.biz>
Subject Re: Domain Keys (Was: jSPF and James?)
Date Tue, 05 Jun 2007 08:11:34 GMT
Hi Tom,

I've been trying out your DK signing mailet - thanks for your hard work. Some feedback:

I've downgraded the code (or at least the areas I'm using) to Java 1.4. I've also changed
the 
temporary file handling a little - the mailet (or more specifically GenericSigner and 
GenericVerifier) do not seem to close or delete the temporary file, which in a long running
process 
may prove to be problematic. I added a finally block to do this in each of the classes above.

Otherwise, the mailet seems to be working well so far.

Ciao,
Craig


Tom Brown wrote:
> Thanks for the feedback!
> 
> 1) If there are alternatives to using the sun.* classes, I'd be happy
> to use them! However, I'm not that experienced with java cryptography
> features, and for some reason, it would only work when the key stuff
> was directly instantiated.
> 
> 2) I was unaware that the StringBuilder was only available in java 5.
> (I guess I should have done my homework). However, I don't know of any
> other parts of the code that are java 5 only, but I guess I'd have to
> try and compile it with an older JDK to find out...
> 
> 3) I believe this is a full implementation. The Yahoo! site links to a
> revision 3 of the specification (broken link), but I was using
> revision 6 that I found somewhere.
> 
> 4) I am very interested in upgrading the DK suite to DKIM. They are
> similar in a lot of ways, though not exact. The DKIM spec is about
> twice as long as the DK spec, and has more options-- but it's the same
> principles.
> 
> 
> Q. does Yahoo! have a compliance test suite?
> 
> A. I couldn't ever find one. However, I did find some public mail
> servers advertising to test the DK implementation. I had a lot of
> success when using:
> 
> http://www.skylist.com/resources/authentication.php
> 
> 
> Tom
> 
> On 12/31/06, Stefano Bagnara <apache@bago.org> wrote:
>> Tom Brown wrote:
>> > I have submitted the code via JIRA. I believe it's issue #12359570.
>> >
>> > Tom
>>
>> First of all, thank you! It's always cool to receive code contributions!
>>
>> I gave the code a really fast review and I have some comment/question:
>>
>> 1) I noticed a class using 2 sun.* classes.
>>
>> import sun.misc.BASE64Decoder;
>> import sun.security.rsa.RSAPublicKeyImpl;
>>
>> That code is tied to the SUN libraries.
>>
>> What about using a KeyFactory to generate the RSA public key?
>> http://java.sun.com/j2se/1.4.2/docs/api/java/security/KeyFactory.html
>>
>>
>> 2) I see you use StringBuilder so the code is tied to Java5. If we want
>> to make it releasable with current James we have to backport it to Java2
>> 1.4 (replace it with StringBuffer). Is there anything else depending on
>> java5 ?
>>
>>
>> 3) I don't know the DK specification: is it fully supported by this
>> code? or is it a partial implementation?
>>
>>
>> 4) I don't know what are the differences between DK and DKIM: do you
>> plan to work also on DKIM or in any way support DKIM, too?
>>
>>
>> Stefano
>>
>> PS: Robert, is this work somehow related to the reorganization of crypto
>> code (SMIME/PGP) discussed here
>> http://issues.apache.org/jira/browse/JAMES-596 ?
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
>> For additional commands, e-mail: server-dev-help@james.apache.org
>>
>>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
> For additional commands, e-mail: server-dev-help@james.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message