спецификации, руководства, описания, API

The Scoop on RMI and SSL

In response to frequent discussions on RMI and SSL on the RMI users list, the RMI group here at Sun is providing a page that tells the RMI/SSL story. If this is a topic that interests you, or if you are interested in being included in the communications of the RMI development community you'll want to subscribe to the rmi-users list.

Below are some questions and answers about SSL and RMI. If you have any comments or questions that are not addressed by this document, please send mail to rmi-comments@java.sun.com .

Q1: Is it possible to use SSL with RMI?

A1: Yes, it is possible, due to RMI enhancements available in the Java^TM 2 SDK, Standard Edition, v1.2 (Java 2 SDK).

Q2: How do I use SSL with RMI?

A2: The version of RMI included in the Java 2 SDK enables the RMI developer to use custom socket types. In earlier versions of RMI there could only be one type of socket used per Java virtual machine* (JVM), but now RMI allows each object to use a different type of socket for its RMI connections. All an application has to do is install an RMI socket factory that creates sockets of the desired type (that speak a particular protocol). We have a tutorial on creating a custom RMI socket factory. Where to get the Java programming language implementation of SSL is discussed next.

Q3: Does Sun^TM have a pure Java programming language implementation of SSL?

A3: The HotJava^TM Browser, Java^TM Web Server^TM, and JavaServer^TMToolkit all provide secure communications using a Java programming language implementation of SSL from Sun. In addition, Sun has a stand-alone Java programming language implementation of SSL for the Java 2 platform, the Java^TM Secure Socket Extension (JSSE) 1.0.

Q4: Does Sun recommend any third party pure Java programming language implementations of SSL?

A4: While we do not endorse any one vendor's implementation, we would like to provide a list of available SSL implementations written in the Java programming language.
Most implementations of SSL use RSA algorithms. In the U.S. the use of RSA algorithms must be licensed from RSA. Therefore, U.S. customers have to take special care to understand all the legal ramifications of the implementations they choose. As a result, the available implementations will be listed in two categories: U.S. implementations and non-U.S. implementations. U.S. Implementations:

Phaos Technology's SSLava Toolkit

Phaos has made available an example which shows how to use SSLava with RMI.
Non-U.S. Implementations:

Protekt SSL Software from Forge Information Technology

Baltimore Technologies' J/SSL

IAIK's iSaSiLk

*As used on this web site, the terms "Java virtual machine" or "JVM" mean a virtual machine for the Java platform.