|
Download
and |
||||||
Jump to
Variants and Subsets of E
Dependencies
Download by Platforms & Versions
Are you sure you want the 0.8.4 version?
New!
E is Available Without Restriction
Historically, there have been two forms of "E". E itself, employing the kind of strong cryptography parts of the U.S. government tried to prevent from being exported, and deffE, which was crypto-crippled to appease these bureaucrats. Domestically, we produced and exported only daffE. E was then independently derived and distributed overseas.
With two changes in the U.S. legal climate, this dance is no longer necessary.
-
The Ninth Circuit Court rules Software is Protected Speech and Export Controls are Unconstitutional Prior Restraint. The Ninth Circuit consists of California, Oregon, Washington, Arizona, Montana, Idaho, Nevada, Alaska, Hawaii, Guam and the Northern Mariana Islands. E is produced, published, and distributed primarily from California.
-
Although still a long way from being constitutional, the Bureau of Export Administration (BXA), issues new regulations that mostly legalize the export of freeware strong crypto code. E, being open source, qualifies by their definition of freeware: "not subject to an express agreement for the payment of a licensing fee or royalty for commercial production or sale of any product developed with the source code". The "mostly" is that the new regulations require that the BXA be notified of any such exporting. As this restriction clearly constitutes an unconstitutional prior restraint on speech, we hereby exercise our constitutional rights by posting E without restriction (thereby effectively exporting it) without notifying the BXA. We encourage other purveyors of strong crypto code to do likewise.
We will no longer be distributing of supporting any flavor of daffE -- only E..
Variants and Subsets of E
A complete E system is persistent, distributed, and capability-secure both within and between processes. Variants of E are tagged by which of these features are left out.
| Feature | Prefix if feature is absent |
What it stands for |
|---|---|---|
|
Persistent |
tl- |
Time-Local |
|
Distributed |
sl- |
Space-Local |
|
Local
capability security |
otc-
|
Only-Trusted-Code
|
|
Distributed |
daffE |
Distributed Application Framework |
A non-persistent E is called time-local since an object only exist as long as its hosting process does. This release is time-local and so is prefixed with "tl-". We expect to be adding the persistence code back in as part of the 0.9.x release.
A non-distributed E is called space-local if an object and all references to it only exist within its hosting process. This release is distributed and so is not prefixed with "sl-". To make a space-local variant of this release, you need merely remove the org.erights.e.net package tree.
E by definition provides distributed capability-security -- the ability for objects in mutually suspicious processes to safely cooperate. If it looks like E and it quacks like E, it might be a duck; but if it doesn't provide distributed capability security, it's not E. A system that's otherwise equivalent to E, but doesn't provide distributed capability security, is called daffE. A distributed E can only be implemented by means of strong crypto, of course, for which we are bundling a subset of the Cryptix library. In a space-local system, no distributed insecurity can arise, so such a system would be an sl-E rather than an sl-daffE. This release provides distributed security and so is an E rather than a daffE.
E is designed to provide local capabillity-security -- the ability for mutually suspicious objects hosted by the same process to safely cooperate, and the use of capability discipline to determine which of its hosting process's authorities it may exercise. Such objects could be executing untrusted code -- code that the hosting process (or its owner) doesn't need to fully trust. Currently, however, E's E-to-Java binding exposes all of public static Java to all E code, and the Java libraries do not follow capability discipline. Therefore this release hosts only-trusted-code and so is prefixed with "otc-". (Note that all conventional cryptographic code, such as PGP, is also assumed to be fully locally trusted, and provides only distributed security.) We expect to provide local capability security, including confinement, as part of the 1.0.x release.
E is designed to support automatic mobile code (as in PassByCopy objects). However, were this to be provided in a release that was not locally secure, this would invalidate our distributed security and worse. Therefore mobile code support must wait until E supports full local capability security including confinement.
Dependencies
Versions & Types of Java
In referring to various versions of Java, we follow Sun's terminology and numbering. A Java Runtime, or jre, is adequate to run standard Java binary programs (class files & resources). A Java Development Kit, or jdk, is adequate both to build a program from sources and to run it. A jdk is a superset of the corresponding jre, and their version numbers are always in synch. Each successive version of the jdk/jre from Sun effectively defines a new version of the Java & JVM standards, except that Sun has introduced a numbering inconsistency: The Java/JVM 2.x standard corresponds to Sun's jdk/jre 1.2.x. We ignore this inconsistency and refer to both as 2.x.
E 0.8.4 requires a jre >= 1.1.7 and < 2.x. To build E from sources, a corresponding jdk is required. E 0.8.4 relies on (and bundles) Cryptix 3.0.3 (see below), which is not compatible with Java 2.x. If you wish to use E with Java 2.x, you should consider using E 0.8.9, which bundles in Cryptix 3.1.1. Cryptix 3.1.1 is compatible with both Java 1.1 and Java 2.x.
E makes heavier use of Java reflection than most Java vendors have encountered. Some implementations of Java (like IBM's VisualAge 1.1.7) have failed to run E because of bugs in their implementation of reflection. As you encounter information to add to the table below, please let me know.
| E doesn't run | E seems fine |
|---|---|
|
Visual Age 1.1.7 |
Sun jre/jdk >= 1.1.7 & < 2.x Blackdown jdk < 2.x Symantec Cafe |
Some places to get some a jre or jdk 1.1:
|
Linux
|
Solaris |
Win95/98/NT
|
|
|---|---|---|---|
|
jre
|
|||
|
jdk
|
Versions of 
Cryptix
This 0.8.4 of E bundles in, and depends on, a subset of the Cryptix 3.0.3 strong cryptography library. This library is compatible only with Java 1.1 and is considered deprecated by Cryptix. This library is covered by the Cryptix General License, which is the standard Berkeley license without the hated advertising clause. Note: This release of Cryptix doesn't work if you rename the *.jar files, so leave 'em alone. The "e" command includes the names of these files in the CLASSPATH it provides to Java.
By contrast, E 0.8.9 bundles in the latest production Cryptix library, which is compatible with both Java 1.1 and Java 1.2.
Versions of Swing
E depends on a Swing whose package path is "javax.swing" (rather than the older "com.sun.java.swing"). E 0.8.4 bundles in Sun's swingall-1.0.3.jar, which is not open source. The "e" command includes this name in the CLASSPATH it provides to Java.
Build-Only Dependencies
If you are only installing E from a binary distribution, or only rebuilding the Java portion for your own use, you can ignore this section. However, if you wish to build an E distribution from sources, then you will need the equivalent of the following tools as well.
The Cygwin Distribution
The E building process relies on a number of UNIX tools. These are available for Windows from Cygnus Support as the Cygwin package. If you wish to build E on Windows, you should download and install at least Beta version 20.
BYacc/J (Berkeley Yacc for Java)
The E source distribution contains the executable binary program byaccj.exe, which is actually BYacc/Java from Bob Jamison and others. BYacc/Java is the Berkeley Yacc program extended with a "-j" flag and others for producing Java output. BYacc/Java is covered by the Berkeley License.
Zip Files
E 0.8.4 uses the jdk's "jar" command in order to package up a distribution. Unfortunately, this is problematic as jar includes entries for the directories as well. By contrast, E 0.8.9 uses Info-Zip's zipping tools, which work.
Download by Platforms & Versions
Earlier versions of E have been tested and run on Windows 95, Windows 98, and Linux. It should run without difficulty on Windows NT and on other UNIX platforms. If you experience any problems, please let me know.
The Installing links below describe how to install, and run various forms of the binary distribution. The Building links describe how to build E from the source release. The Download links will download each corresponding form of the release to your machine.
|
Unix/Linux
(gzipped tar files) |
Win95/98/NT
(zip files) |
|
|
Binary
Distribution |
||
|---|---|---|
|
Source
Distribution |
The contents of the Unix/Linux downloads are identical to that of the Win* downloads, except for the use of gzipped tar files rather than zip files. Since gzipped tar files are somewhat smaller, Win* users should download these instead if they can decompress them. The commercial WinZip program seems to do a good job on both compression types. Also, Info-Zip's unzip can be used to unpack the zip files on any platform.
Unless stated otherwise, all text on this page which is either unattributed or by Mark S. Miller is hereby placed in the public domain.
|
|
report bug (including invalid html)
|
||||||||
