logging-log4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Smith <Paul.Sm...@lawlex.com.au>
Subject RE: Web start app & Certificates - redux
Date Mon, 10 May 2004 03:06:20 GMT
> Yeah. I am hoping to get a free personal certificate for my 
> apache.org email
> address.  Perhaps we could all do that, and then we can all 
> potentially sign
> the Jars needed for download.
> As long as the foundation has no objections to this approach 
> (having us sign
> jars, and packages from other Apache projects like ORO) with 
> our apache.org
> email account), it should work well.

I've managed, after a bit of hair pulling, to remeber how to arrange this
certificate stuff.  So now I have a valid Thawte Personal Email certificate
for my psmith@apache.org email address.  I've also managed to sign the 3
jars necesarry to run Chainsaw via webstart (this means that I sign the
jakarta-oro jar too in this case).  Tested internally, works nice, although
JavaWebStart gives a small warning to say "Hey, are you ok with this
certificate?", which I am 80% it'll do with ANY certificate... I think.

What I could do is copy up the latest jars to the website, modify the
Chainsaw page to point to the Webstart installation, and people could give
it a whirl..... Anyone have any objections? (Hell, you users can always opt
to say "No way do I trust psmith@apache.org")

Then, periodically, I could resign the log4j and log4j-chainsaw jars as they
are updated and copy them back up to the webserver.

How does that sound to people?

BTW, I found this URL incredibly useful: 



Paul Smith

To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-dev-help@logging.apache.org

View raw message