Appendix C. Identity-Based Key Management

In Java 1.1, the primary tool for key management was javakey, which is based heavily on the Identity and IdentityScope classes. The keytool utility that comes with Java 2 is a better way to implement key management, and the KeyStore class on which keytool is based is definitely more flexible than the classes on which javakey is based. In addition, the javakey database uses some classes and interfaces that have been deprecated in Java 2 -- primarily the java.security.Certificate interface.

Nonetheless, for developers who are still using 1.1, a key management system based upon the Identity and IdentityScope classes is the only possible solution. In this appendix, we’ll show how these classes can be used for key management. For each of the techniques discussed in this appendix there is a complementary technique in the KeyStore class. In addition, the Identity and IdentityScope classes have been deprecated in Java 2, so you should really move to the keystore implementation as soon as possible. As we mentioned in Chapter 10, keytool can import a javakey-based database.
