v1.71 Certificate Management Library Now Available

Subject: v1.71 Certificate Management Library Now Available
From: "Pawling, John" <John.Pawling@wang.com>
Date: Fri, 14 Jul 2000 17:01:32 -0400
Content-Type: text/plain; charset="iso-8859-1"


All,

Wang Government Services, Inc. (WGSI), A Getronics Company, has delivered
the Version 1.71 Certificate Management Library (CML).  The v1.71 CML is
freely available to everyone from the Fortezza Developers CML Page
<http://www.armadillo.huntsville.al.us/software/certmgmt/index.html>.  

The v1.71 CML is described in the v1.7 CML Application Programming Interface
(API) document.  It implements the 1997 X.509 certification path processing
rules.  It meets the majority of RFC 2459 and SDN.706 requirements.  It
(optionally) provides local cache management functions and (optionally)
obtains data objects using LDAP.  It can (optionally) be used in conjunction
with the v1.31 Certificate Path Development Library (CPDL) developed by
CygnaCom Solutions, an Entrust Technologies company, to provide robust
certification path building capabilities such as using cross certificates.
The CML has been used to validate X.509 Certificates and Certificate
Revocation Lists (CRL) signed using the Digital Signature Algorithm (DSA)
and RSA.   Further enhancements, ports and testing of the CML are still in
process.  Further releases of the CML will be provided as significant
capabilities are added. 

The following v1.71 CML files are available:
CMLv171win.zip: MS Windows Dynamically Linked Libraries (DLL) 
CML171so.tar.Z: Sun Solaris Libraries 
CML171sr.tar.Z: Source, including Windows project files 

The aforementioned files and the v1.7 CML API document (CMv1_7api.doc,
CMv1_7api.pdf), test certs (cml171data.zip) and readme.txt files are stored
on the Fortezza Developers CML Page.

The v1.71 CML includes the following enhancements (compared with the v1.7
CML release):

1) Tested with the SNACC, Crypto Token Interface Libraries (CTIL) and
LibCert DLL delivered with the v1.7 S/MIME Freeware Library (SFL) available
from Fortezza Developer's S/MIME Page
<http://www.armadillo.huntsville.al.us/software/smime>.

2) Re-configured directory structure for CML source code files so that it is
consistent with the SFL and Access Control Library (ACL).  

3) Diffie-Hellman logic in CM_RetrieveKey and CM_DecodeCert cleaned up.

4) Corrected several bugs reported by customers.

5) Performed regression testing to ensure that aforementioned enhancements
did not break existing CML functionality.

WGSI welcomes all feedback regarding the CML software and documents.  If
bugs are reported, then we will investigate each reported bug and, if
required, will produce a patch or an updated release of the software to
repair the bug.

All source code for the CML is being provided at no cost and with no
financial limitations regarding its use and distribution. Organizations can
use the CML without paying any royalties or licensing fees.  The CML was
originally developed by the U.S. Government.  WGSI is enhancing and
supporting the CML under contract to the U.S. Government.  The U.S.
Government is furnishing the CML software at no cost to the vendor subject
to the conditions of the CML Public License provided with the CML software.
The CML software is not subject to U.S. Government encryption export
regulations, so it is freely available to everyone.

The v1.71 CML uses the WGSI v1.3 Enhanced SNACC ASN.1 Library to
encode/decode objects.  WGSI has successfully tested the v1.71 CML with the
SNACC and CTIL DLLs delivered in conjunction with the v1.7 SFL.  Source code
for the WGSI-developed CTILs is available from the Fortezza Developer's
S/MIME Page.  The actual crypto libraries are not provided with the CML or
SFL.  They must be independently obtained from the appropriate source.  

The v1.71 CML can be used in conjunction with the v1.31 CPDL to successfully
meet all of the requirements of the Bridge Certification Authority
Demonstration effort which includes cross-certified Entrust, Spyrus and
Motorola v3 certificate domains.  The CML171sr.tar.Z file includes the CPDL
source code and public license.  <http://www.cygnacom.com/cpl> provides more
information regarding the CPDL.

The Internet Mail Consortium (IMC) has established a CML web page
<http://www.imc.org/imc-cml>   
and a CML mail list which is used to: distribute information regarding CML
releases; discuss CML-related issues; and allow CML users to provide
feedback, comments, bug reports, etc.  Subscription information for the
imc-cml mailing list is at the IMC web site listed above.  

All comments regarding the CML source code and documents are welcome. This
CML release announcement was sent to several mail lists, but please send all
messages regarding the CML to the imc-cml mail list ONLY.  Please do not
send messages regarding the CML to any of the IETF mail lists.  We will
respond to all messages sent to the imc-cml mail list.

============================================
John Pawling, john.pawling@wang.com
Wang Government Services, Inc.,
A Getronics Company
============================================

Prev by Date: The Evolving Federal PKI Report
Next by Date: v1.7 S/MIME Freeware Library Now Available
Prev by thread: v1.7 S/MIME Freeware Library Now Available
Next by thread: The Evolving Federal PKI Report

Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov