Appendix B. Identity-Based Key Management
In Java 1.1, the primary tool that was used for key management was javakey, which is based heavily on the Identity and IdentityScope classes. The keytool utility that comes with 1.2[43] is a better way to implement key management, and the KeyStore class on which keytool is based is definitely more flexible than the classes on which javakey is based. In addition, the javakey database uses some classes and interfaces that have been deprecated in 1.2—primarily the java.security.Certificate interface.
Nonetheless, for developers who are still using 1.1, a key management system based upon the Identity and IdentityScope classes is the only possible solution. In this appendix, we’ll show how these classes can be used for key management. All of the techniques we’ll discuss in this appendix have a complementary technique in key management with the KeyStore class. In addition, the Identity and IdentityScope classes have been deprecated in 1.2, so you should really move to the keystore implementation as soon as possible.
Identities
You probably noticed in Chapter 10 that none of the key classes had any notion of whom the key belonged to. Keys are really just an arbitrary-appearing series of bytes. The set of classes we’ll examine now deals with the notion of identity: the entity to which a key belongs. An identity can represent an individual or a corporation (or anything else that can possess a public or a private key).
The Identity Class
First ...