Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[platform-dev] Review Results, PKI Implementation #873
Greetings,

    Thank you very much for giving my bundle a look see.
I am going to give my best shot to answering the top results.
Please bear with me and forgive me if my comments are unclear..


  • Please put appropriate license headers to all files
    • Can I just copy and paste lic header from other bundles?  
  • Please squash your commits into a single one. Make sure the commit message describes efficiently the problem that this feature intends to solve
    • At this point Im trying my best to just hit the "mark", sorry if Im adding some scant inputs..
  • Please describe in the PR a way to test it
    • On my list of "other" code to write is Test code!
  • Please remove all unused code, commented code and all System.out
    • Absolutely need to remove all System.out, maybe add some debug Logger
  • Please use org.eclipse.core.net.pki package name
    • My first attempt at using a different package name went horrible
    • In addition, as this bundle becomes more complete and functional, it will become clear why it needs separation
  • Have you considered providing this support directly in existing org.eclipse.core.net/org.eclipse.ui.net bundles?
    • I did not consider that, but I think its fantastic idea, may require extra work and take longer to get out.


  • If new bundle(s) is necessary, please split those 2 into 1 core and 1 ui bundles; we want security stuff to work even without UI (Eclipse Platform is used without its UI in various cases).
    • I think that is great idea.  Its on my target.

But the most important part is that you didn't yet make clear what problem you're trying to solve that cannot be already solved with proper JVM settings, and how one can verify the problem and the solution. Without it, this code will be forever ignored.

I am going to set some time out to provide a write up of the benefits that PKI code will provide.  In a nutshell, today's  internet is tons of URLs which almost all are HTTPS single authentication sites.  They are secured by X509 Certificates that (mostly) have been secured via public Certificate Authorities.  They are single, basic authentication since we all use some browser or other that has the Certificate Authority already added in, or via a Java JDK where they are also embedded.  HOWEVER, more and more companies, private entities, even some gubmints are creating internet sites with URLs that require two way authentication requiring YOU to have your own x509 Certificate in a Key Store signed by Their Certificate Authority.  Eclipse DOES not contain this capability.  The PKI Implementation I am trying to add, will provide this capability.


Best regards,

joe

Back to the top