Java security architecture and extensions

Unfortunately, we are not in the best of worlds and building industry- strength crypto-enabled software based on the available providers is problematic. Problems are caused by shortcomings in the JCA/JCE (Java Cryptography Architecture/Java Cryptography Extension), which are in turn exacerbated by sloppy implementation and interpretation of the API and implementation guidelines. I present techniques for building providers in an interoperable fashion, identifying mistakes to avoid. I also outline the scope of applications that should be feasible to implement based on a provider-independent layer-in particular, the JCA/JCE.