Today, CP's own Marianne Mueller was scheduled to give a talk at JavaOne on the eagerly awaited (at least by this user) Java Crypto API. I could not attend the conference, but downloaded the slides for the presentation <http://java.sun.com/javaone/pres/Crypto.pdf> Viewing the slides left me with some questions that I hope someone that attended the talk might be able to answer: o "Developers do not call into Security Packages directly." It seems the developer calls java.security (presumably provided by Sun), which then will call the Security Packages. Is this view correct? o "Security Packages must be signed. Policy for signing is public and open." I assume the packages must be signed by Sun. How much will it cost to have a package signed? How do I obtain a copy of this "public and open" policy? o "Exportable API. Exportable applications." One code example shows performing a DES encryption. Another slide mentions "Support for [...] RSA." This is exportable? What am I missing? o Where can I get more info on "Jeeves", the Java HTTP Server? TIA, Disclaimer: My opinions are my own, not those of my employer. -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred.