Provides classes to give the user a handle to accept invalid server certificates. The {@link javax.net.ssl.TrustManager} doing this is implemented by {@link nl.nikhef.slcshttps.trust.TrustManagerImpl}. In addition to standard certificate chain checking, it also checks the hostname against the certificate. For this it is necessary to extend the standard {@link javax.net.ssl.HttpsURLConnection} since the {@link javax.net.ssl.TrustManager} normally doesn't receive the hostname/port. This extension is {@link nl.nikhef.slcshttps.trust.HttxURLConnection}, which is a delegate class due to the abstract nature of {@link javax.net.ssl.HttpsURLConnection}. The hostname is checked using the {@link nl.nikhef.slcshttps.trust.HostnameChecker} class which is roughly a combination of JDK1.6 implementation dependent sun.security.util.HostnameChecker with sun.net.util.IPAddressUtil, while using a method getCNS(), adapted from the not-yet-commons-ssl-0.3.10 package, instead of the getSubjectX500Name(). TODO: findMostSpecificAttribute(X500Name.commonName_oid) adapted from not-yet-commons-ssl-0.3.10.
@see nl.nikhef.slcshttps @see http://www.nikhef.nl/pub/projects/grid/gridwiki/index.php/User:Msalle