* X.509 certificate tests
@ 2004-10-26 5:46 Casey Marshall
2004-10-26 15:46 ` Tom Tromey
0 siblings, 1 reply; 6+ messages in thread
From: Casey Marshall @ 2004-10-26 5:46 UTC (permalink / raw)
To: mauve-discuss
Hi,
I've repackaged the implementation of the PKITS [1] test suite I wrote
for the X.509 implementation I have been working on (and, might be
putting into Classpath) for Mauve.
The test tarball is quite large, as it contains a great many example
certificates and CRLs, so I have posted it here instead of to this
list:
<http://metastatic.org/source/pkits.tar.bz2>
--
Casey Marshall || csm@gnu.org
[1] http://csrc.nist.gov/pki/testing/x509paths.html
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: X.509 certificate tests
2004-10-26 5:46 X.509 certificate tests Casey Marshall
@ 2004-10-26 15:46 ` Tom Tromey
2004-10-26 17:09 ` Casey Marshall
0 siblings, 1 reply; 6+ messages in thread
From: Tom Tromey @ 2004-10-26 15:46 UTC (permalink / raw)
To: Casey Marshall; +Cc: mauve-discuss
Casey> I've repackaged the implementation of the PKITS [1] test suite I wrote
Casey> for the X.509 implementation I have been working on (and, might be
Casey> putting into Classpath) for Mauve.
Is this something that would fit into the existing mauve approach? If
not we can always make a new module in cvs.
Hmm, I see you don't have mauve write access. Let's change that.
Tom
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: X.509 certificate tests
2004-10-26 15:46 ` Tom Tromey
@ 2004-10-26 17:09 ` Casey Marshall
2004-10-26 17:20 ` Tom Tromey
0 siblings, 1 reply; 6+ messages in thread
From: Casey Marshall @ 2004-10-26 17:09 UTC (permalink / raw)
To: tromey; +Cc: mauve-discuss
>>>>> "Tom" == Tom Tromey <tromey@redhat.com> writes:
Casey> I've repackaged the implementation of the PKITS [1] test suite
Casey> I wrote for the X.509 implementation I have been working on
Casey> (and, might be putting into Classpath) for Mauve.
Tom> Is this something that would fit into the existing mauve
Tom> approach? If not we can always make a new module in cvs.
I don't see why not; all of the tests are very simple, and follow the
same pattern: parse some certificates, give them to the
CertPathValidator, and get a "yes" or "no" answer at the end.
The only really problematic part are the certificate data: they are
about 2.6M of binary goo. Any problem with including them?
--
Casey Marshall || csm@gnu.org
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: X.509 certificate tests
2004-10-26 17:09 ` Casey Marshall
@ 2004-10-26 17:20 ` Tom Tromey
2004-10-26 17:58 ` Casey Marshall
0 siblings, 1 reply; 6+ messages in thread
From: Tom Tromey @ 2004-10-26 17:20 UTC (permalink / raw)
To: Casey Marshall; +Cc: mauve-discuss
Casey> The only really problematic part are the certificate data: they are
Casey> about 2.6M of binary goo. Any problem with including them?
As long as there are no legal issues I don't see a problem. My copy
of mauve seems to be about 14M already, a few more megabytes won't
hurt.
Tom
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: X.509 certificate tests
2004-10-26 17:20 ` Tom Tromey
@ 2004-10-26 17:58 ` Casey Marshall
2004-10-26 20:33 ` Mark Wielaard
0 siblings, 1 reply; 6+ messages in thread
From: Casey Marshall @ 2004-10-26 17:58 UTC (permalink / raw)
To: tromey; +Cc: mauve-discuss
>>>>> "Tom" == Tom Tromey <tromey@redhat.com> writes:
Casey> The only really problematic part are the certificate data: they
Casey> are about 2.6M of binary goo. Any problem with including them?
Tom> As long as there are no legal issues I don't see a problem. My
Tom> copy of mauve seems to be about 14M already, a few more megabytes
Tom> won't hurt.
The test suite was developed by the US government, so it is not
subject to copyright.
Parts were contracted out by the NSA, but it seems that they have
stated that the test files are freely redistributable [1].
--
Casey Marshall || csm@gnu.org
[1] http://cio.nist.gov/esd/emaildir/lists/pkits/msg00047.html
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: X.509 certificate tests
2004-10-26 17:58 ` Casey Marshall
@ 2004-10-26 20:33 ` Mark Wielaard
0 siblings, 0 replies; 6+ messages in thread
From: Mark Wielaard @ 2004-10-26 20:33 UTC (permalink / raw)
To: Casey Marshall; +Cc: tromey, mauve-discuss
[-- Attachment #1: Type: text/plain, Size: 2037 bytes --]
Hi,
On Tue, 2004-10-26 at 19:58, Casey Marshall wrote:
> The test suite was developed by the US government, so it is not
> subject to copyright.
>
> Parts were contracted out by the NSA, but it seems that they have
> stated that the test files are freely redistributable [1].
Please add the following text from that to the README:
The test document and data were jointly developed by NIST and
DigitalNet. Any contribution made to this project by NIST is covered by
Title 17 Section 105 of the United States Code which states that any
work developed by the United State Government is not subject to
copyright protection (see http://www4.law.cornell.edu/uscode/17/105.html).
So, NIST's contributions to the test documentation and data are in the
public domain.
While DigitalNet's contributions to the documentation and data may be
subject to copyright, all of the work done by DigitalNet on this project
was done under contract for NSA. So, it would be up to NSA to decide
how DigitalNet's contributions to the project could be used. In
response to your query, I asked DigitalNet about the use of the test
suite and received the following response:
"V51 [of NSA] approved of the public release of the PKITS test data
and documents. There are no restrictions regarding their redistribution."
when you add this data.
Although we are more relaxed about accepting contributions to Mauve than
with for example GNU Classpath (for which we require written
confirmation by all contributors) we still want to have a record who
contributed what when. This can be done in the ChangeLog and the README
file though. Even if it wouldn't be a very big disaster if we ever have
to remove a test from mauve we should try to prevent ever having to be
in such a situation and prevent any unclearity about the origins of any
of the tests.
Thanks,
Mark
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-10-26 20:33 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-10-26 5:46 X.509 certificate tests Casey Marshall
2004-10-26 15:46 ` Tom Tromey
2004-10-26 17:09 ` Casey Marshall
2004-10-26 17:20 ` Tom Tromey
2004-10-26 17:58 ` Casey Marshall
2004-10-26 20:33 ` Mark Wielaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).