The Open–source PKI Book: A guide to PKIs and Open–source Implementations | ||
---|---|---|
Prev | Chapter 6. Open-Source Implementations | Next |
Jonah is a freeware (term used by IBM, it is not mentioned as open–source) implementation of the available PKIX standards for a public–key infrastructure. It is one of the implementations that was designed to follow the PKIX standards from the beginning and it generated important feedback to the standardisation process. The core of Jonah is written in C++ and the server components are accessed using Java applets. The C++ code is compatible with Windows NT, Solaris and AIX. We must emphasise that Jonah was written basicaly for the internal purposes of IBM and its subsidiaries Lotus and Iris as an interoperability tool between different implementations and to be part of future IBM products.
There is no Linux port yet, and this can be attributed to several issues. The development environment chosen initially was making use of the MKS Toolkit, which provides a Unix-like environment to Windows NT. In the next version, the ODE environment was chosen. Both are incompatible with Linux and require some work to make them work together. Additionally, for the cryptographic support one would need to use the Cylink crypto libraries, which at the moment were export restricted. In the next version, there the BSafe Toolkit from RSA Security was chosen. Cryptographically-wise, BSafe is much more mature and popular. However, it is a commercial product and it remains to have investigated its licensing issues.
Jonah provides transparency to the choice of cryptographic support by making use of the Common Data Security Architecture (CDSA). The Common Data Security Architecture (CDSA) is a set of layered security services and cryptographic framework that provide the infrastructure for creating cross-platform, interoperable, security-enabled applications for client-server environments. The CDSA solutions cover all the essential components of security capability, to secure electronic commerce and other business applications with services that provide facilities for cryptography, certificate management, trust policy management, and key recovery. CDSA was developed by Intel and is being standardised by OpenGroup.
Jonah is not distributed with the full functionality due to the crypto issues. To be precise, Jonah is not available at the moment due to a mysterious licensing issue with the CDSA support. It is claimed that Intel, by releasing version 2 of CDSA, has made the version of CDSA used by Jonah illegal to distribute. The last free distribution of Jonah was using version 1.2 of CDSA.
Jonah is distributed under this license.