not-yet-commons-ssl



This page is out of date. These days we just do maintenance releases to fix bugs reported on the mailing list. Current version is 0.3.15.

Road Map For Future Versions

0.3.10 - 0.3.11 are just some feature ideas. They might not be feasible. 0.3.9 is the current version.

VersionRelease Date?Description
0.3.4Nov 200690% feature complete. Probably contains some bugs.
0.3.5Dec 2006PKCS8Key constructor is public now. Whoops. Hostname verification knows about more than just CN's now - also checks subjectAlts in the server's certificate.
0.3.6Jan 2007Fixed Java 1.4 bug with HttpsURLConnection.
0.3.7Feb 200740 bit and 56 bit ciphers disabled by default. RMI-SSL improved. getSSLContext() added. Various other improvements.
0.3.8Nov 2007PBE (password-based-encryption) formally introduced and improved. 40 bit and 56 bit ciphers still disabled by default, but working better when re-enabled.
0.3.9May 2008Some PBE fixes. Using latest ASN.1 code from BouncyCastle.
0.3.10May 2008

Socket monitoring. Make it easier for long-running server applications to warn about impending certificate expiries.

OCSP - Online Certificate Status Protocol

NotQuiteSoEasySSLProtocolSocketFactory will trust any server The First Time, and store that server's cert on disk for future accesses.

0.3.11Jun 2008TrustMaterial.setAutoReload( true / false ), and KeyMaterial.setAutoReload( true / false ), but only if no password, or "changeit" was provided. (Question: should this "reload" tear down all open sockets?).
0.4.0Jul 2008Non-public code (protected, private, etc) moved into a separate "impl" package where possible.
0.5.0Aug 2008API froven. All future versions must be reverse-compatible with 0.5.0 (except for any parts of 0.5.0 later found to be insecure).
0.7.0Nov 2008JavaDocs written for all public methods and classes.
0.7.5Mar 2009JUnit tests written for all classes.
0.9.0May 2009First BETA release. JUnit tests passing on all targetted platforms:
  1. Intel/AMD: (Sun, IBM, BEA) x (Linux, Mac, Windows) x (1.3, 1.4, 5, 6, 7)
  2. All of the above with and without BouncyCastle.
  3. PowerPC: Mac OS X 10.4, 10.5
  4. Linux: Latest GCJ, Kaffe, and Blackdown releases. BouncyCastle added if necessary to get tests to pass.
  5. Anyone got an IBM mainframe we can test on?
0.9.1 - 0.9.9Aug 2009Bug fixes.
1.0.0Jan 2010Development mostly stops.

The problem we're solving with Commons-SSL is quite small, so I don't see any reason to ever go beyond 1.0.0, except for fixing bugs.