Can you please state clearly for the record what the minimum security requirements are for being granted an RSA key that is added to the verification key chain. This may have been written somewhere, but I am not aware of it. A statement to this effect will help people interested in developing clients in Java, Javascript, Gtk-Tkl, Python, PHP, macromedia etc think about a design that will enable them to get their work into the verification keychain. 

>From my point of view the requirements have not been clearly stated during the past two years of the Java Key fiasco. This has made the job arbitrarily difficult since no one really knows what the Java developers are really trying to create goal wise with a verification design scheme. I don't think this is an unreasonable request-- that the requirements are stated, or you show use where we can see where the minimum requirements have been written. I would like to start a dialog so that we can unequivocate the issue. Also it turns out that Java is a rich enough environment that I am confident that a proposal can be written and reviewed by the developer community that meets these requirements. 
Sign-up for Ads Free at

vanilla-devel mailing list
vanilla-devel at