Re: JCE and SSL

Jeff Nisewanger (jdn@puuoo.eng.sun.com)
Tue, 15 Sep 1998 10:22:54 -0700 (PDT)

> I am writing a master thesis on Java Security, including JSA and
> JCA/JCE. Reading Scott Oaks book' "Java Security" I noticed that Sun has
> implemented Java-classes for SSL-support (namely the SSLSocket and
> SSLServerSocket classes), yet they are not part of the JCE? Any reasons
> for this? Has Netscape patented the SSL-technology?

JCE is a direct data encryption extension. SSL is a higher level
transport-oriented security protocol that may or may not do encryption
depending upon which "cipher suite" is configured and negotiated between
the communicating peers. There is a seperate SSL api which is available
at the Java Developer's Connection.

Jeff