JSSE for CDC API Overview

JSSE 1.0.3 for CDC 1.0.2 is a Java technology implementation that enables secure Internet communications. It implements a Java version of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols and includes functionality for data encryption, server authentication, message integrity, and optional client authentication. Using JSSE for CDC, developers can provide for the secure passage of data between a client and a server running any application protocol (such as HTTP, Telnet, NNTP, and FTP) over TCP/IP.

The JSSE for CDC reference implementation enables developers to utilize secure, encrypted communication channels in their applications. By abstracting the complex underlying security algorithms and "handshaking" mechanisms, JSSE for CDC minimizes the risk of creating subtle but dangerous security vulnerabilities. It simplifies application development by serving as a building block which developers can integrate directly into their applications.

JSSE for CDC provides Secure Sockets Layer (SSL) v3 and Transport Layer Security (TLS) 1.0 support to the Java 2 Platform. SSL is a public-key-based network security protocol widely used to authenticate, privacy-protect, and ensure message integrity of transactions made over the Internet.

Features

• Java technology implementation
• Exportable
• Secure Sockets Layer (SSL) v3 support
• Transport Layer Security (TLS) 1.0 support
• Basic utilities for key and certificate management, including securely encrypted storage of private keys and Certificate Authority (CA) support
• SSLSocket and SSLServerSocket classes, which can be instantiated to create secure channels
• Cipher Suite negotiation, which performs SSL "handshaking" to initiate or verify secure communications
• Client and server authentication, as a part of the normal SSL handshaking
• HTTPS support: the ability to access data such as HTML pages using HTTPS
• Server Session Management to manage the cache of sessions
• RSA cryptography algorithms -- the JSSE implementation includes code licensed from RSA Data Security
• Cryptographic suites, including:

Domestic and Global
Cryptographic Suite	Key Length
RSA public key (authentication and key exchange)	2048 bits (authentication), 2048 bits (key exchange)
RC4 (bulk encryption)	128 bits
DES (bulk encryption)	64 bits (56 effective)
Triple DES (bulk encryption)	192 bits (112 effective)
Diffie-Hellman public key (key agreement)	1024 bits
DSA public key (authentication)	1024 bits

The JSSE for CDC reference implementation is based entirely on Java technology and does not require any porting effort. It can be deployed CDC-based profiles like Foundation Profile, and Personal Basis Profile. The installation instructions for the reference implementation include instructions for compiling applications that use JSSE for CDC.

For general questions about JSSE 1.0.3 for CDC 1.0.2 usage and deployment, we encourage you to read the JSSE 1.0.3 Frequently Asked Questions (FAQ), the Java Security Q&A Archives and the Java Developer Connection forums.

To report bugs or request a feature, please see:

http://bugreport.sun.com/bugreport/index.jsp

Please send general comments about JSSE 1.0.3 for CDC 1.0.2 to:

java-security@sun.com.

Though we value your input, before sending your feedback, please search the Java Security Q&A Archives and review our pages of Frequently Asked Questions ( FAQ).

Please note that due to the volume of messages we receive, we may not be able to respond to every individual message.

For other comments/suggestions concerning the web sites, please use the feedback form.