Certification Path overview
The Java™ Certification Path API consists of classes and interfaces for handling certification paths (also known as "certificate chains"). A certification path is an ordered list of certificates. If a certification path meets certain validation rules, it can be used to securely establish the mapping of a public key to a subject.
This API defines interfaces and abstract classes for creating, building, and validating certification paths. Implementations can be plugged in using a provider-based interface. The API is based on the Cryptographic Service Provider architecture, described in the Java Cryptography Architecture Document.
The API also includes algorithm-specific classes for building and validating X.509 certification paths according to the PKIX standards. The PKIX standards are developed by the IETF PKIX working group.
This API is being reviewed using the Java Community ProcessSM program as Java Specification Request (JSR) 000055. The API is included in the SDK v 1.4 and higher version. Refer to the JSR 055 Home Page for more information on the JSR and the latest status.
Who Should Read This Document
This document is intended for two types of experienced developers:- Those who want to design secure applications that build or validate certification paths.
- Those who want to write a service provider implementation for building or validating certification paths.