Difference between revisions of "JGridstart/Notes"
From PDP/Grid Wiki
Jump to navigationJump to searchm |
(add template) |
||
(26 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | some notes on [[ | + | {{JGridstart}}some notes on [[JGridstart]] |
− | * Private key | + | * Private key (&passphrase) |
− | ** keep in memory with timeout | + | ** keep in memory with timeout when appropriate |
− | ** make sure it doesn't hit swap, if possible | + | ** make sure it doesn't hit swap, if possible -- [https://www.securecoding.cert.org/confluence/display/seccode/MEM06-C.+Ensure+that+sensitive+data+is+not+written+out+to+disk MEM06-C] |
+ | ** [https://www.securecoding.cert.org/confluence/display/java/MSC31-J.+Never+hardcode+sensitive+information?rootCommentId=26345518 MSC31-J] never hardcode sensitive information | ||
+ | ** make sure it's not serializable | ||
+ | ** Securing Java, part [http://softwaredev.earthweb.com/java/article/0,,12082_741921,00.html 1], [http://softwaredev.earthweb.com/java/article/0,,12082_756601,00.html 2] and [http://www.developer.com/java/article.php/767971 3]. | ||
+ | * Human Interface Guidelines | ||
+ | ** [http://library.gnome.org/devel/hig-book/stable/ Gnome HIG] | ||
+ | ** [http://developer.apple.com/documentation/userexperience/Conceptual/AppleHIGuidelines/ Apple HIG] | ||
+ | |||
+ | ==TODO== | ||
+ | * passwords | ||
+ | ** try again when password fails, stop after a couple of times | ||
+ | ** show how many passwords remembered and add action to forget | ||
+ | ** separate ui from passwordcache, implement cli | ||
+ | ** warn properly when unsupported password on single PKCS#12 entries are found | ||
+ | ** [Mac] make sure password dialog is placed on top of the relevant window, not somewhere else | ||
+ | * html viewer | ||
+ | ** on enter, go to next form element, or submit if at the end (like JEditorpane) -- upstream | ||
+ | ** make printing margins work, document on wiki, notify mailing list | ||
+ | ** [bug] [Win] html form cannot receive input unless the focus is removed from a form element and given back | ||
+ | ** [bug] [Mac] explicitely set base url in jar or stylesheet cannot be found | ||
+ | * gui | ||
+ | ** Make default certificate bold and place on top of list | ||
+ | ** Import: if base64 encoding of cert/CSR is equal to another one ask whether to overwrite or ignore. | ||
+ | ** concurrency !! | ||
+ | ** [bug] selecting certificate in menu doesn't update certificatelist when an invalid certificate is present but it is not the last certificate | ||
+ | ** [bug] certificate list becomes empty after refresh when a certificate is removed from disk | ||
+ | * Naming of certificate directories should be related to certificate date, not import date | ||
+ | * give the possibility to re-upload a CSR (when no certificate present) | ||
+ | * for email links to RA/CA, add DN and modulus.first20 in body | ||
+ | |||
+ | ==Future ideas== | ||
+ | * Make estimated guess for some request form fields | ||
+ | ** Organisation: ip-address, emailaddress (specify in organisations.conf); currently specified in jnlp/default properties | ||
+ | ** Name: from system user | ||
+ | ** Certification level: detect demo/tutorial from hostname/ip-range/systemname/... |
Latest revision as of 12:39, 29 March 2012
<sidebar>
- jGridstart
- JGridstart|Home
- JGridstart/Help|Help
- JGridstart/Support|Support
- jGridstart for ...
- JGridstart/Certificate_Authorities|Certificate Authorities
- JGridstart/Developers|Developers
</sidebar>some notes on JGridstart
- Private key (&passphrase)
- Human Interface Guidelines
TODO
- passwords
- try again when password fails, stop after a couple of times
- show how many passwords remembered and add action to forget
- separate ui from passwordcache, implement cli
- warn properly when unsupported password on single PKCS#12 entries are found
- [Mac] make sure password dialog is placed on top of the relevant window, not somewhere else
- html viewer
- on enter, go to next form element, or submit if at the end (like JEditorpane) -- upstream
- make printing margins work, document on wiki, notify mailing list
- [bug] [Win] html form cannot receive input unless the focus is removed from a form element and given back
- [bug] [Mac] explicitely set base url in jar or stylesheet cannot be found
- gui
- Make default certificate bold and place on top of list
- Import: if base64 encoding of cert/CSR is equal to another one ask whether to overwrite or ignore.
- concurrency !!
- [bug] selecting certificate in menu doesn't update certificatelist when an invalid certificate is present but it is not the last certificate
- [bug] certificate list becomes empty after refresh when a certificate is removed from disk
- Naming of certificate directories should be related to certificate date, not import date
- give the possibility to re-upload a CSR (when no certificate present)
- for email links to RA/CA, add DN and modulus.first20 in body
Future ideas
- Make estimated guess for some request form fields
- Organisation: ip-address, emailaddress (specify in organisations.conf); currently specified in jnlp/default properties
- Name: from system user
- Certification level: detect demo/tutorial from hostname/ip-range/systemname/...