Notes from the Java Reference Implementation Group
Date: December 12, 2010
Time: 3:00 - 4:00 PM EST
Attendees: Michael, Tim, Beau, Greg


Greg, Tim, Beau

Knocking out bugs
Hitting one with alt name
- according to security and trust spec
- updated to match spec
- also added to configuration service for certificates (for owner)

Importing anchors
- was looking for email first
- actually confusing
- shows CN first

DAO to use LDAP
- going to pull out for adds
- the majority of the people going to use LDAP
- going to use existing
- going to be pretty hard to add entries into LDAP correctly
- may destroy integrity of ldap store
- may fall back to LDAP dao with read-only mode
- need to use existing entry method

Need to think about certs being their own CA

Existing trust path validator does not allow the cert to be used in chain

Cross signing will come up again at the begining of the year

Next meeting: First week of January