PKI security framework for JNEXT 
Monday, October 20, 2008, 07:28 PM
Posted by Administrator
The past few days I've been studying OpenSSL and after many searches, wading through various samples, scraping information from mailing lists and the odd documentation texts, I've finally got all the necessary plumbing together to support the security infrastructure for JNEXT. The next version of JNEXT is planned to be released with this framework, making JNEXT finally ready to be run on public Web sites.

The basic idea is as follows: Any Web site that runs JavaScript code that makes use of JNEXT, will have to sign that code with its private key, and make it's corresponding X509 certificate available for download by the JNEXT client. The JNEXT plugin will verify that the JavaScript code matches the signature, using the Web site certificate and the locally stored root certificate of the CA that issued the Web site certificate.

If the root certificate of the Certificate Authority, the Web site certificate, the JavaScript code and the JavaScript code signature are inconsistent, then JNEXT will not allow the JavaScript code from that page access to native code via JNEXT extensions.



[ add comment ] ( 3 views )   |  permalink  |   ( 3 / 61 )
JNEXT 1.0.8.1 released 
Tuesday, September 23, 2008, 11:07 PM
Posted by Administrator
It's 2:07am here now, which will definitely have a bad effect on my productivity at work tomorrow, but I've finally completed support for both UDP and TCP sockets, so now the sample illustrates how to use TCP and UDP sockets from JavaScript.

I've verified that the new JavaScript TCP/UDP socket samples work on IE,Firefox,Google Chrome and Opera

As always, full sources are available for download as well

Enjoy... :-)




[ 2 comments ] ( 40 views )   |  permalink  |   ( 3 / 60 )
UDP socket support 
Saturday, September 20, 2008, 09:29 PM
Posted by Administrator
I've recently added UDP support for JNEXT for all those wishing to use UDP sockets from JavaScript. Once it's all polished I'll post an updated setup.

For the impatient, you can compile the latest sources by downloading them via bzr from http://jnext.org/core

I've also added a link so you can view the latest JNEXT development updates (just click the JNEXT commit history link to your right).

[ add comment ] ( 4 views )   |  permalink  |   ( 2.9 / 69 )
So, what now ? 
Thursday, September 18, 2008, 08:52 PM
Posted by Administrator
After releasing JNEXT 1.0.8, the next step is to start working on a watertight security model to enable safely deploying JNEXT applications on public Web sites.

There's just one more thing I wish to complete before starting this, and that is adding a UdpSocket class to the Sockets library - this way the sample can be extended to show how to use both TCP and UDP sockets from JavaScript. I will be releasing this as an update to 1.0.8 and not as a new JNEXT version.



[ add comment ] ( 3 views )   |  permalink  |   ( 3.1 / 55 )
Google Chrome 
Saturday, September 6, 2008, 06:32 PM
Posted by Administrator
Of course after I downloaded the Google Chrome browser, the first thing I checked was if JNEXT works well with it. Although I didn't expect any problems (after reading the background comic and learning that plugins are supported), I was still relieved to see there's no need for another development curve for JNEXT to run in Chrome.

I hope to release a new setup for JNEXT 1.0.8 this week which will include all the fixes and the new plugin extensions. After that, the next milestone is the PKI infrastructure for securely running JNEXT on public Web sites.

[ add comment ] ( 1 view )   |  permalink  |   ( 3 / 58 )

<<First <Back | 1 | 2 | 3 | 4 | 5 | 6 | 7 | Next> Last>>