Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Won't Do
-
jtsk_2.1
-
None
-
None
Description
An aggregate endpoint for Jini ERI stack as is available through Bob Scheifler's hacks is important in an environment where you want to export your service allowing for both Kerberos and TLS based security, for more context information I refer to the discussion at Bob's project.
Bob's implementation as is is pretty uninteresting at the moment as it doesn't come with an accompanying trust verifier. The use case in the discussion also demonstrates that there is no proper way to get the trust verifier to the client side in a way that is likely going to succeed (assuming security to be important). To me this implies a trust verifier for an aggregate endpoint must be locally available, hence my reference to "part of the Platform" in the summary.
Although I could incorporate such a trust verifier as part of my own Platform definition this is not going to help interoperability between client and servers in a mixed environment rendering it pretty useless.