Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 248586

Summary: [plan] Consistent usage of TrustEngine/AuthorizationEngine
Product: [Eclipse Project] Equinox Reporter: Matt Flaherty <mwflaher>
Component: SecurityAssignee: Security Inbox <equinox.security-inbox>
Status: CLOSED WONTFIX QA Contact:
Severity: normal    
Priority: P4 CC: jrosenth, samolisov, slewis, tjwatson
Version: 3.5Keywords: plan
Target Milestone: ---   
Hardware: All   
OS: All   
Whiteboard: stalebug
Bug Depends on: 223033, 231204, 248592, 248784, 248785    
Bug Blocks:    

Description Matt Flaherty CLA 2008-09-25 10:52:48 EDT 
Consistent usage of TrustEngine/AuthorizationEngine across all PKI use cases

There are several areas where certificates and signed content are encountered, specifically: 

1) As bundles are installed into the system by P2
2) As bundles are loaded into the system by the Framework
3) As SSL-enabled servers are authenticated by ECF

We need to ensure consistent usage of a common abstraction layer for authenticating (ie: trust) certificates that are encountered, and for authorizing (via policy) the actions which are requested by these signers.

This plan item will track the various pieces of integration work.
Comment 1 Lars Vogel CLA 2019-09-24 13:51:15 EDT 
This bug hasn't had any activity in quite some time. Maybe the problem got resolved, was a duplicate of something else, or became less pressing for some reason - or maybe it's still relevant but just hasn't been looked at yet.

If you have further information on the current state of the bug, please add it. The information can be, for example, that the problem still occurs, that you still want the feature, that more information is needed, or that the bug is (for whatever reason) no longer relevant.