changeset 3050:4565d120e514

6987827: security/util/Resources.java needs improvement Reviewed-by: valeriep
author weijun
date Thu, 11 Nov 2010 15:51:12 +0800
parents c70ba0987e05
children ca73653c0329
files src/share/classes/com/sun/security/auth/NTDomainPrincipal.java src/share/classes/com/sun/security/auth/NTNumericCredential.java src/share/classes/com/sun/security/auth/NTSid.java src/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java src/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java src/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java src/share/classes/com/sun/security/auth/NTSidUserPrincipal.java src/share/classes/com/sun/security/auth/NTUserPrincipal.java src/share/classes/com/sun/security/auth/PolicyFile.java src/share/classes/com/sun/security/auth/PolicyParser.java src/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java src/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java src/share/classes/com/sun/security/auth/SolarisPrincipal.java src/share/classes/com/sun/security/auth/SubjectCodeSource.java src/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java src/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java src/share/classes/com/sun/security/auth/UnixPrincipal.java src/share/classes/com/sun/security/auth/X500Principal.java src/share/classes/com/sun/security/auth/login/ConfigFile.java src/share/classes/com/sun/security/auth/module/JndiLoginModule.java src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java src/share/classes/com/sun/security/auth/module/LdapLoginModule.java src/share/classes/javax/security/auth/Policy.java src/share/classes/javax/security/auth/PrivateCredentialPermission.java src/share/classes/javax/security/auth/Subject.java src/share/classes/javax/security/auth/login/AppConfigurationEntry.java src/share/classes/javax/security/auth/login/LoginContext.java src/share/classes/javax/security/auth/x500/X500Principal.java src/share/classes/sun/security/pkcs11/SunPKCS11.java src/share/classes/sun/security/provider/PolicyFile.java src/share/classes/sun/security/provider/PolicyParser.java src/share/classes/sun/security/tools/JarSigner.java src/share/classes/sun/security/tools/JarSignerResources.java src/share/classes/sun/security/tools/KeyTool.java src/share/classes/sun/security/tools/policytool/PolicyTool.java src/share/classes/sun/security/util/AuthResources.java src/share/classes/sun/security/util/Resources.java test/sun/security/util/Resources/NewNamesFormat.java test/sun/security/util/Resources/NewResourcesNames.java
diffstat 40 files changed, 1741 insertions(+), 1292 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/security/auth/NTDomainPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTDomainPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -68,7 +68,7 @@
         if (name == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"name"};
             throw new NullPointerException(form.format(source));
@@ -99,7 +99,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTDomainPrincipal: name",
+                        ("NTDomainPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {name};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTNumericCredential.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTNumericCredential.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2002, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -70,7 +70,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTNumericCredential: name",
+                        ("NTNumericCredential.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {Long.toString(impersonationToken)};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTSid.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTSid.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -73,7 +73,7 @@
         if (stringSid == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"stringSid"};
             throw new NullPointerException(form.format(source));
@@ -81,7 +81,7 @@
         if (stringSid.length() == 0) {
             throw new IllegalArgumentException
                 (sun.security.util.ResourcesMgr.getString
-                        ("Invalid NTSid value",
+                        ("Invalid.NTSid.value",
                         "sun.security.util.AuthResources"));
         }
         sid = new String(stringSid);
@@ -108,7 +108,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTSid: name",
+                        ("NTSid.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {sid};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -73,7 +73,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTSidDomainPrincipal: name",
+                        ("NTSidDomainPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {getName()};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -68,7 +68,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTSidGroupPrincipal: name",
+                        ("NTSidGroupPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {getName()};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -70,7 +70,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTSidPrimaryGroupPrincipal: name",
+                        ("NTSidPrimaryGroupPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {getName()};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTSidUserPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTSidUserPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -67,7 +67,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTSidUserPrincipal: name",
+                        ("NTSidUserPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {getName()};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/NTUserPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/NTUserPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -64,7 +64,7 @@
         if (name == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"name"};
             throw new NullPointerException(form.format(source));
@@ -93,7 +93,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("NTUserPrincipal: name",
+                        ("NTUserPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {name};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/PolicyFile.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/PolicyFile.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -490,9 +490,9 @@
             }
         } catch (PolicyParser.ParsingException pe) {
             System.err.println(AUTH_POLICY +
-                                rb.getString(": error parsing ") + policy);
+                                rb.getString(".error.parsing.") + policy);
             System.err.println(AUTH_POLICY +
-                                rb.getString(": ") +
+                                rb.getString("COLON") +
                                 pe.getMessage());
             if (debug != null)
                 pe.printStackTrace();
@@ -635,16 +635,16 @@
                 } catch (java.lang.reflect.InvocationTargetException ite) {
                     System.err.println
                         (AUTH_POLICY +
-                        rb.getString(": error adding Permission ") +
+                        rb.getString(".error.adding.Permission.") +
                         pe.permission +
-                        rb.getString(" ") +
+                        rb.getString("SPACE") +
                         ite.getTargetException());
                 } catch (Exception e) {
                     System.err.println
                         (AUTH_POLICY +
-                        rb.getString(": error adding Permission ") +
+                        rb.getString(".error.adding.Permission.") +
                         pe.permission +
-                        rb.getString(" ") +
+                        rb.getString("SPACE") +
                         e);
                 }
             }
@@ -652,9 +652,9 @@
         } catch (Exception e) {
             System.err.println
                 (AUTH_POLICY +
-                rb.getString(": error adding Entry ") +
+                rb.getString(".error.adding.Entry.") +
                 ge +
-                rb.getString(" ") +
+                rb.getString("SPACE") +
                 e);
         }
 
@@ -1373,18 +1373,18 @@
 
         public String toString(){
             StringBuffer sb = new StringBuffer();
-            sb.append(rb.getString("("));
+            sb.append(rb.getString("LPARAM"));
             sb.append(getCodeSource());
             sb.append("\n");
             for (int j = 0; j < permissions.size(); j++) {
                 Permission p = permissions.elementAt(j);
-                sb.append(rb.getString(" "));
-                sb.append(rb.getString(" "));
+                sb.append(rb.getString("SPACE"));
+                sb.append(rb.getString("SPACE"));
                 sb.append(p);
-                sb.append(rb.getString("\n"));
+                sb.append(rb.getString("NEWLINE"));
             }
-            sb.append(rb.getString(")"));
-            sb.append(rb.getString("\n"));
+            sb.append(rb.getString("RPARAM"));
+            sb.append(rb.getString("NEWLINE"));
             return sb.toString();
         }
 
@@ -1415,7 +1415,7 @@
         if (isReadOnly())
             throw new SecurityException
             (PolicyFile.rb.getString
-            ("attempt to add a Permission to a readonly PermissionCollection"));
+            ("attempt.to.add.a.Permission.to.a.readonly.PermissionCollection"));
 
         if (perms == null) {
             if (additionalPerms == null)
--- a/src/share/classes/com/sun/security/auth/PolicyParser.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/PolicyParser.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -300,7 +300,7 @@
             keyStoreType = match("quoted string");
         } else {
             throw new ParsingException(st.lineno(),
-                        rb.getString("expected keystore type"));
+                        rb.getString("expected.keystore.type"));
         }
     }
 
@@ -368,8 +368,8 @@
                                 "WILDCARD class but no WILDCARD name");
                     throw new ParsingException
                         (st.lineno(),
-                        rb.getString("can not specify Principal with a ") +
-                        rb.getString("wildcard class without a wildcard name"));
+                        rb.getString("can.not.specify.Principal.with.a.") +
+                        rb.getString("wildcard.class.without.a.wildcard.name"));
                 }
 
                 try {
@@ -389,7 +389,7 @@
             } else {
                 throw new
                  ParsingException(st.lineno(),
-                        rb.getString("expected codeBase or SignedBy"));
+                        rb.getString("expected.codeBase.or.SignedBy"));
             }
         }
 
@@ -397,7 +397,7 @@
         if (principals == null) {
             throw new ParsingException
                 (st.lineno(),
-                rb.getString("only Principal-based grant entries permitted"));
+                rb.getString("only.Principal.based.grant.entries.permitted"));
         }
 
         e.principals = principals;
@@ -416,7 +416,7 @@
             } else {
                 throw new
                     ParsingException(st.lineno(),
-                    rb.getString("expected permission entry"));
+                    rb.getString("expected.permission.entry"));
             }
         }
         match("}");
@@ -522,12 +522,12 @@
         switch (lookahead) {
         case StreamTokenizer.TT_NUMBER:
             throw new ParsingException(st.lineno(), expect,
-                                        rb.getString("number ") +
+                                        rb.getString("number.") +
                                         String.valueOf(st.nval));
         case StreamTokenizer.TT_EOF:
            throw new ParsingException
-                (rb.getString("expected ") + expect +
-                rb.getString(", read end of file"));
+                (rb.getString("expected.") + expect +
+                rb.getString(".read.end.of.file"));
         case StreamTokenizer.TT_WORD:
             if (expect.equalsIgnoreCase(st.sval)) {
                 lookahead = st.nextToken();
@@ -603,11 +603,11 @@
         switch (lookahead) {
         case StreamTokenizer.TT_NUMBER:
             throw new ParsingException(st.lineno(), ";",
-                                       rb.getString("number ") +
+                                       rb.getString("number.") +
                                         String.valueOf(st.nval));
         case StreamTokenizer.TT_EOF:
           throw new ParsingException
-                (rb.getString("expected ';', read end of file"));
+                (rb.getString("expected.read.end.of.file"));
         default:
           lookahead = st.nextToken();
         }
@@ -942,13 +942,13 @@
         }
 
         public ParsingException(int line, String msg) {
-            super(rb.getString("line ") + line + rb.getString(": ") + msg);
+            super(rb.getString("line.") + line + rb.getString("COLON") + msg);
         }
 
         public ParsingException(int line, String expect, String actual) {
-            super(rb.getString("line ") + line + rb.getString(": expected '") +
-                expect + rb.getString("', found '") + actual +
-                rb.getString("'"));
+            super(rb.getString("line.") + line + rb.getString(".expected.") +
+                expect + rb.getString(".found.") + actual +
+                rb.getString("QUOTE"));
         }
     }
 
--- a/src/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -89,7 +89,7 @@
      */
     public SolarisNumericGroupPrincipal(String name, boolean primaryGroup) {
         if (name == null)
-            throw new NullPointerException(rb.getString("provided null name"));
+            throw new NullPointerException(rb.getString("provided.null.name"));
 
         this.name = name;
         this.primaryGroup = primaryGroup;
@@ -165,9 +165,9 @@
     public String toString() {
         return((primaryGroup ?
             rb.getString
-            ("SolarisNumericGroupPrincipal [Primary Group]: ") + name :
+            ("SolarisNumericGroupPrincipal.Primary.Group.") + name :
             rb.getString
-            ("SolarisNumericGroupPrincipal [Supplementary Group]: ") + name));
+            ("SolarisNumericGroupPrincipal.Supplementary.Group.") + name));
     }
 
     /**
--- a/src/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -80,7 +80,7 @@
      */
     public SolarisNumericUserPrincipal(String name) {
         if (name == null)
-            throw new NullPointerException(rb.getString("provided null name"));
+            throw new NullPointerException(rb.getString("provided.null.name"));
 
         this.name = name;
     }
@@ -134,7 +134,7 @@
      *          <code>SolarisNumericUserPrincipal</code>.
      */
     public String toString() {
-        return(rb.getString("SolarisNumericUserPrincipal: ") + name);
+        return(rb.getString("SolarisNumericUserPrincipal.") + name);
     }
 
     /**
--- a/src/share/classes/com/sun/security/auth/SolarisPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/SolarisPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -76,7 +76,7 @@
      */
     public SolarisPrincipal(String name) {
         if (name == null)
-            throw new NullPointerException(rb.getString("provided null name"));
+            throw new NullPointerException(rb.getString("provided.null.name"));
 
         this.name = name;
     }
@@ -100,7 +100,7 @@
      * @return a string representation of this <code>SolarisPrincipal</code>.
      */
     public String toString() {
-        return(rb.getString("SolarisPrincipal: ") + name);
+        return(rb.getString("SolarisPrincipal.") + name);
     }
 
     /**
--- a/src/share/classes/com/sun/security/auth/SubjectCodeSource.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/SubjectCodeSource.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -395,7 +395,7 @@
                                         principals.listIterator();
             while (li.hasNext()) {
                 PolicyParser.PrincipalEntry pppe = li.next();
-                returnMe = returnMe + rb.getString("\n") +
+                returnMe = returnMe + rb.getString("NEWLINE") +
                         pppe.principalClass + " " +
                         pppe.principalName;
             }
--- a/src/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -77,7 +77,7 @@
         if (name == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"name"};
             throw new NullPointerException(form.format(source));
@@ -159,14 +159,14 @@
         if (primaryGroup) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("UnixNumericGroupPrincipal [Primary Group]: name",
+                        ("UnixNumericGroupPrincipal.Primary.Group.name",
                         "sun.security.util.AuthResources"));
             Object[] source = {name};
             return form.format(source);
         } else {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                    ("UnixNumericGroupPrincipal [Supplementary Group]: name",
+                    ("UnixNumericGroupPrincipal.Supplementary.Group.name",
                     "sun.security.util.AuthResources"));
             Object[] source = {name};
             return form.format(source);
--- a/src/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -67,7 +67,7 @@
         if (name == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"name"};
             throw new NullPointerException(form.format(source));
@@ -127,7 +127,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("UnixNumericUserPrincipal: name",
+                        ("UnixNumericUserPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {name};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/UnixPrincipal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/UnixPrincipal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -64,7 +64,7 @@
         if (name == null) {
             java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("invalid null input: value",
+                        ("invalid.null.input.value",
                         "sun.security.util.AuthResources"));
             Object[] source = {"name"};
             throw new NullPointerException(form.format(source));
@@ -94,7 +94,7 @@
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
                 (sun.security.util.ResourcesMgr.getString
-                        ("UnixPrincipal: name",
+                        ("UnixPrincipal.name",
                         "sun.security.util.AuthResources"));
         Object[] source = {name};
         return form.format(source);
--- a/src/share/classes/com/sun/security/auth/X500Principal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/X500Principal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -87,7 +87,7 @@
      */
     public X500Principal(String name) {
         if (name == null)
-            throw new NullPointerException(rb.getString("provided null name"));
+            throw new NullPointerException(rb.getString("provided.null.name"));
 
         try {
             thisX500Name = new X500Name(name);
--- a/src/share/classes/com/sun/security/auth/login/ConfigFile.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/login/ConfigFile.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -190,7 +190,7 @@
                 } catch (PropertyExpander.ExpandException peee) {
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                                ("Unable to properly expand config",
+                                ("Unable.to.properly.expand.config",
                                 "sun.security.util.AuthResources"));
                     Object[] source = {extra_config};
                     throw new IOException(form.format(source));
@@ -206,7 +206,7 @@
                     } else {
                         MessageFormat form = new MessageFormat
                             (ResourcesMgr.getString
-                                ("extra_config (No such file or directory)",
+                                ("extra.config.No.such.file.or.directory.",
                                 "sun.security.util.AuthResources"));
                         Object[] source = {extra_config};
                         throw new IOException(form.format(source));
@@ -243,7 +243,7 @@
             } catch (PropertyExpander.ExpandException peee) {
                 MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                                ("Unable to properly expand config",
+                                ("Unable.to.properly.expand.config",
                                 "sun.security.util.AuthResources"));
                 Object[] source = {config_url};
                 throw new IOException(form.format(source));
@@ -286,7 +286,7 @@
                 debugConfig.println(fnfe.toString());
             }
             throw new IOException(ResourcesMgr.getString
-                    ("Configuration Error:\n\tNo such file or directory",
+                    ("Configuration.Error.No.such.file.or.directory",
                     "sun.security.util.AuthResources"));
         } finally {
             if (isr != null) {
@@ -426,7 +426,7 @@
                         AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
             else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tInvalid control flag, flag",
+                        ("Configuration.Error.Invalid.control.flag.flag",
                         "sun.security.util.AuthResources"));
                 Object[] source = {sflag};
                 throw new IOException(form.format(source));
@@ -474,8 +474,7 @@
         // add this configuration entry
         if (newConfig.containsKey(appName)) {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                ("Configuration Error:\n\t" +
-                        "Can not specify multiple entries for appName",
+                ("Configuration.Error.Can.not.specify.multiple.entries.for.appName",
                 "sun.security.util.AuthResources"));
             Object[] source = {appName};
             throw new IOException(form.format(source));
@@ -491,8 +490,7 @@
         case StreamTokenizer.TT_EOF:
 
             MessageFormat form1 = new MessageFormat(ResourcesMgr.getString
-                ("Configuration Error:\n\texpected [expect], " +
-                        "read [end of file]",
+                ("Configuration.Error.expected.expect.read.end.of.file.",
                 "sun.security.util.AuthResources"));
             Object[] source1 = {expect};
             throw new IOException(form1.format(source1));
@@ -508,8 +506,7 @@
                 lookahead = nextToken();
             } else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: " +
-                                "expected [expect], found [value]",
+                        ("Configuration.Error.Line.line.expected.expect.found.value.",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), expect, st.sval};
                 throw new IOException(form.format(source));
@@ -522,7 +519,7 @@
                 lookahead = nextToken();
             } else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: expected [expect]",
+                        ("Configuration.Error.Line.line.expected.expect.",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), expect, st.sval};
                 throw new IOException(form.format(source));
@@ -535,7 +532,7 @@
                 lookahead = nextToken();
             } else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: expected [expect]",
+                        ("Configuration.Error.Line.line.expected.expect.",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), expect, st.sval};
                 throw new IOException(form.format(source));
@@ -548,7 +545,7 @@
                 lookahead = nextToken();
             } else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: expected [expect]",
+                        ("Configuration.Error.Line.line.expected.expect.",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), expect, st.sval};
                 throw new IOException(form.format(source));
@@ -561,7 +558,7 @@
                 lookahead = nextToken();
             } else {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: expected [expect]",
+                        ("Configuration.Error.Line.line.expected.expect.",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), expect, st.sval};
                 throw new IOException(form.format(source));
@@ -570,8 +567,7 @@
 
         default:
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: " +
-                                "expected [expect], found [value]",
+                        ("Configuration.Error.Line.line.expected.expect.found.value.",
                         "sun.security.util.AuthResources"));
             Object[] source = {new Integer(linenum), expect, st.sval};
             throw new IOException(form.format(source));
@@ -667,8 +663,7 @@
 
             if (s == null || s.length() == 0) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("Configuration Error:\n\tLine line: " +
-                        "system property [value] expanded to empty value",
+                        ("Configuration.Error.Line.line.system.property.value.expanded.to.empty.value",
                         "sun.security.util.AuthResources"));
                 Object[] source = {new Integer(linenum), value};
                 throw new IOException(form.format(source));
--- a/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -686,9 +686,9 @@
 
         Callback[] callbacks = new Callback[2];
         callbacks[0] = new NameCallback(protocol + " "
-                                            + rb.getString("username: "));
+                                            + rb.getString("username."));
         callbacks[1] = new PasswordCallback(protocol + " " +
-                                                rb.getString("password: "),
+                                                rb.getString("password."),
                                             false);
 
         try {
--- a/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -150,7 +150,7 @@
     private static final TextOutputCallback bannerCallback =
                 new TextOutputCallback
                         (TextOutputCallback.INFORMATION,
-                        rb.getString("Please enter keystore information"));
+                        rb.getString("Please.enter.keystore.information"));
     private final ConfirmationCallback confirmationCallback =
                 new ConfirmationCallback
                         (ConfirmationCallback.INFORMATION,
@@ -364,10 +364,10 @@
             NameCallback aliasCallback;
             if (keyStoreAlias == null || keyStoreAlias.length() == 0) {
                 aliasCallback = new NameCallback(
-                                        rb.getString("Keystore alias: "));
+                                        rb.getString("Keystore.alias."));
             } else {
                 aliasCallback =
-                    new NameCallback(rb.getString("Keystore alias: "),
+                    new NameCallback(rb.getString("Keystore.alias."),
                                      keyStoreAlias);
             }
 
@@ -379,11 +379,11 @@
                 break;
             case NORMAL:
                 keyPassCallback = new PasswordCallback
-                    (rb.getString("Private key password (optional): "), false);
+                    (rb.getString("Private.key.password.optional."), false);
                 // fall thru
             case TOKEN:
                 storePassCallback = new PasswordCallback
-                    (rb.getString("Keystore password: "), false);
+                    (rb.getString("Keystore.password."), false);
                 break;
             }
             prompt(aliasCallback, storePassCallback, keyPassCallback);
--- a/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Thu Nov 11 15:51:12 2010 +0800
@@ -780,7 +780,7 @@
                 Callback[] callbacks = new Callback[1];
                 MessageFormat form = new MessageFormat(
                                        rb.getString(
-                                       "Kerberos username [[defUsername]]: "));
+                                       "Kerberos.username.defUsername."));
                 Object[] source =  {defUsername};
                 callbacks[0] = new NameCallback(form.format(source));
                 callbackHandler.handle(callbacks);
@@ -835,7 +835,7 @@
                 String userName = krb5PrincName.toString();
                 MessageFormat form = new MessageFormat(
                                          rb.getString(
-                                         "Kerberos password for [username]: "));
+                                         "Kerberos.password.for.username."));
                 Object[] source = {userName};
                 callbacks[0] = new PasswordCallback(
                                                     form.format(source),
--- a/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -969,8 +969,8 @@
                 "to acquire authentication information from the user");
 
         Callback[] callbacks = new Callback[2];
-        callbacks[0] = new NameCallback(rb.getString("username: "));
-        callbacks[1] = new PasswordCallback(rb.getString("password: "), false);
+        callbacks[0] = new NameCallback(rb.getString("username."));
+        callbacks[1] = new PasswordCallback(rb.getString("password."), false);
 
         try {
             callbackHandler.handle(callbacks);
--- a/src/share/classes/javax/security/auth/Policy.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/Policy.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -237,7 +237,7 @@
                     } catch (Exception e) {
                         throw new SecurityException
                                 (sun.security.util.ResourcesMgr.getString
-                                ("unable to instantiate Subject-based policy"));
+                                ("unable.to.instantiate.Subject.based.policy"));
                     }
                 }
             }
--- a/src/share/classes/javax/security/auth/PrivateCredentialPermission.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/PrivateCredentialPermission.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -172,7 +172,7 @@
 
         if (!"read".equalsIgnoreCase(actions))
             throw new IllegalArgumentException
-                (ResourcesMgr.getString("actions can only be 'read'"));
+                (ResourcesMgr.getString("actions.can.only.be.read."));
         init(name);
     }
 
@@ -344,12 +344,11 @@
 
         if (tokenizer.hasMoreTokens() == false) {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                ("permission name [name] syntax invalid: "));
+                ("permission.name.name.syntax.invalid."));
             Object[] source = {name};
             throw new IllegalArgumentException
                 (form.format(source) + ResourcesMgr.getString
-                        ("Credential Class not followed by a " +
-                        "Principal Class and Name"));
+                        ("Credential.Class.not.followed.by.a.Principal.Class.and.Name"));
         }
 
         while (tokenizer.hasMoreTokens()) {
@@ -364,11 +363,11 @@
 
             if (tokenizer.hasMoreTokens() == false) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("permission name [name] syntax invalid: "));
+                        ("permission.name.name.syntax.invalid."));
                 Object[] source = {name};
                 throw new IllegalArgumentException
                         (form.format(source) + ResourcesMgr.getString
-                        ("Principal Class not followed by a Principal Name"));
+                        ("Principal.Class.not.followed.by.a.Principal.Name"));
             }
 
             // skip delimiter
@@ -379,11 +378,11 @@
 
             if (!principalName.startsWith("\"")) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("permission name [name] syntax invalid: "));
+                        ("permission.name.name.syntax.invalid."));
                 Object[] source = {name};
                 throw new IllegalArgumentException
                         (form.format(source) + ResourcesMgr.getString
-                        ("Principal Name must be surrounded by quotes"));
+                        ("Principal.Name.must.be.surrounded.by.quotes"));
             }
 
             if (!principalName.endsWith("\"")) {
@@ -401,11 +400,11 @@
                 if (!principalName.endsWith("\"")) {
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                        ("permission name [name] syntax invalid: "));
+                        ("permission.name.name.syntax.invalid."));
                     Object[] source = {name};
                     throw new IllegalArgumentException
                         (form.format(source) + ResourcesMgr.getString
-                                ("Principal Name missing end quote"));
+                                ("Principal.Name.missing.end.quote"));
                 }
             }
 
@@ -418,9 +417,7 @@
             if (principalClass.equals("*") &&
                 !principalName.equals("*")) {
                     throw new IllegalArgumentException(ResourcesMgr.getString
-                        ("PrivateCredentialPermission Principal Class " +
-                        "can not be a wildcard (*) value if Principal Name " +
-                        "is not a wildcard (*) value"));
+                        ("PrivateCredentialPermission.Principal.Class.can.not.be.a.wildcard.value.if.Principal.Name.is.not.a.wildcard.value"));
             }
 
             if (testing)
@@ -556,8 +553,7 @@
 
         public String toString() {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                ("CredOwner:\n\tPrincipal Class = class\n\t" +
-                        "Principal Name = name"));
+                ("CredOwner.Principal.Class.class.Principal.Name.name"));
             Object[] source = {principalClass, principalName};
             return (form.format(source));
         }
--- a/src/share/classes/javax/security/auth/Subject.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/Subject.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -204,7 +204,7 @@
             pubCredentials == null ||
             privCredentials == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null input(s)"));
+                (ResourcesMgr.getString("invalid.null.input.s."));
 
         this.principals = Collections.synchronizedSet(new SecureSet<Principal>
                                 (this, PRINCIPAL_SET, principals));
@@ -289,7 +289,7 @@
 
         if (acc == null) {
             throw new NullPointerException(ResourcesMgr.getString
-                ("invalid null AccessControlContext provided"));
+                ("invalid.null.AccessControlContext.provided"));
         }
 
         // return the Subject from the DomainCombiner of the provided context
@@ -346,7 +346,7 @@
         }
         if (action == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null action provided"));
+                (ResourcesMgr.getString("invalid.null.action.provided"));
 
         // set up the new Subject-based AccessControlContext
         // for doPrivileged
@@ -406,7 +406,7 @@
 
         if (action == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null action provided"));
+                (ResourcesMgr.getString("invalid.null.action.provided"));
 
         // set up the new Subject-based AccessControlContext for doPrivileged
         final AccessControlContext currentAcc = AccessController.getContext();
@@ -460,7 +460,7 @@
 
         if (action == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null action provided"));
+                (ResourcesMgr.getString("invalid.null.action.provided"));
 
         // set up the new Subject-based AccessControlContext
         // for doPrivileged
@@ -524,7 +524,7 @@
 
         if (action == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null action provided"));
+                (ResourcesMgr.getString("invalid.null.action.provided"));
 
         // set up the new Subject-based AccessControlContext for doPrivileged
         final AccessControlContext callerAcc =
@@ -603,7 +603,7 @@
 
         if (c == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null Class provided"));
+                (ResourcesMgr.getString("invalid.null.Class.provided"));
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
@@ -697,7 +697,7 @@
 
         if (c == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null Class provided"));
+                (ResourcesMgr.getString("invalid.null.Class.provided"));
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
@@ -742,7 +742,7 @@
 
         if (c == null)
             throw new NullPointerException
-                (ResourcesMgr.getString("invalid null Class provided"));
+                (ResourcesMgr.getString("invalid.null.Class.provided"));
 
         // always return an empty Set instead of null
         // so LoginModules can add to the Set if necessary
@@ -832,15 +832,15 @@
      */
     String toString(boolean includePrivateCredentials) {
 
-        String s = ResourcesMgr.getString("Subject:\n");
+        String s = ResourcesMgr.getString("Subject.");
         String suffix = "";
 
         synchronized(principals) {
             Iterator<Principal> pI = principals.iterator();
             while (pI.hasNext()) {
                 Principal p = pI.next();
-                suffix = suffix + ResourcesMgr.getString("\tPrincipal: ") +
-                        p.toString() + ResourcesMgr.getString("\n");
+                suffix = suffix + ResourcesMgr.getString(".Principal.") +
+                        p.toString() + ResourcesMgr.getString("NEWLINE");
             }
         }
 
@@ -849,8 +849,8 @@
             while (pI.hasNext()) {
                 Object o = pI.next();
                 suffix = suffix +
-                        ResourcesMgr.getString("\tPublic Credential: ") +
-                        o.toString() + ResourcesMgr.getString("\n");
+                        ResourcesMgr.getString(".Public.Credential.") +
+                        o.toString() + ResourcesMgr.getString("NEWLINE");
             }
         }
 
@@ -861,12 +861,12 @@
                     try {
                         Object o = pI.next();
                         suffix += ResourcesMgr.getString
-                                        ("\tPrivate Credential: ") +
+                                        (".Private.Credential.") +
                                         o.toString() +
-                                        ResourcesMgr.getString("\n");
+                                        ResourcesMgr.getString("NEWLINE");
                     } catch (SecurityException se) {
                         suffix += ResourcesMgr.getString
-                                ("\tPrivate Credential inaccessible\n");
+                                (".Private.Credential.inaccessible.");
                         break;
                     }
                 }
@@ -1036,7 +1036,7 @@
 
                     if (subject.isReadOnly()) {
                         throw new IllegalStateException(ResourcesMgr.getString
-                                ("Subject is read-only"));
+                                ("Subject.is.read.only"));
                     }
 
                     java.lang.SecurityManager sm = System.getSecurityManager();
@@ -1062,7 +1062,7 @@
 
             if (subject.isReadOnly()) {
                 throw new IllegalStateException
-                        (ResourcesMgr.getString("Subject is read-only"));
+                        (ResourcesMgr.getString("Subject.is.read.only"));
             }
 
             java.lang.SecurityManager sm = System.getSecurityManager();
@@ -1084,9 +1084,7 @@
             case Subject.PRINCIPAL_SET:
                 if (!(o instanceof Principal)) {
                     throw new SecurityException(ResourcesMgr.getString
-                        ("attempting to add an object which is not an " +
-                        "instance of java.security.Principal to a " +
-                        "Subject's Principal Set"));
+                        ("attempting.to.add.an.object.which.is.not.an.instance.of.java.security.Principal.to.a.Subject.s.Principal.Set"));
                 }
                 break;
             default:
@@ -1389,8 +1387,7 @@
 
             if (!o.getClass().isAssignableFrom(c)) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("attempting to add an object which is not an " +
-                        "instance of class"));
+                        ("attempting.to.add.an.object.which.is.not.an.instance.of.class"));
                 Object[] source = {c.toString()};
                 throw new SecurityException(form.format(source));
             }
--- a/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/login/AppConfigurationEntry.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -167,7 +167,7 @@
          */
         public String toString() {
             return (sun.security.util.ResourcesMgr.getString
-                ("LoginModuleControlFlag: ") + controlFlag);
+                ("LoginModuleControlFlag.") + controlFlag);
         }
     }
 }
--- a/src/share/classes/javax/security/auth/login/LoginContext.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/login/LoginContext.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -244,7 +244,7 @@
 
         if (name == null)
             throw new LoginException
-                (ResourcesMgr.getString("Invalid null input: name"));
+                (ResourcesMgr.getString("Invalid.null.input.name"));
 
         // get the Configuration
         if (config == null) {
@@ -268,7 +268,7 @@
             entries = config.getAppConfigurationEntry(OTHER);
             if (entries == null) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("No LoginModules configured for name"));
+                        ("No.LoginModules.configured.for.name"));
                 Object[] source = {name};
                 throw new LoginException(form.format(source));
             }
@@ -382,7 +382,7 @@
         init(name);
         if (subject == null)
             throw new LoginException
-                (ResourcesMgr.getString("invalid null Subject provided"));
+                (ResourcesMgr.getString("invalid.null.Subject.provided"));
         this.subject = subject;
         subjectProvided = true;
         loadDefaultCallbackHandler();
@@ -418,7 +418,7 @@
         init(name);
         if (callbackHandler == null)
             throw new LoginException(ResourcesMgr.getString
-                                ("invalid null CallbackHandler provided"));
+                                ("invalid.null.CallbackHandler.provided"));
         this.callbackHandler = new SecureCallbackHandler
                                 (java.security.AccessController.getContext(),
                                 callbackHandler);
@@ -459,7 +459,7 @@
         this(name, subject);
         if (callbackHandler == null)
             throw new LoginException(ResourcesMgr.getString
-                                ("invalid null CallbackHandler provided"));
+                                ("invalid.null.CallbackHandler.provided"));
         this.callbackHandler = new SecureCallbackHandler
                                 (java.security.AccessController.getContext(),
                                 callbackHandler);
@@ -633,7 +633,7 @@
     public void logout() throws LoginException {
         if (subject == null) {
             throw new LoginException(ResourcesMgr.getString
-                ("null subject - logout called before login"));
+                ("null.subject.logout.called.before.login"));
         }
 
         if (configProvided) {
@@ -811,21 +811,20 @@
 
             } catch (NoSuchMethodException nsme) {
                 MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                        ("unable to instantiate LoginModule, module, because " +
-                        "it does not provide a no-argument constructor"));
+                        ("unable.to.instantiate.LoginModule.module.because.it.does.not.provide.a.no.argument.constructor"));
                 Object[] source = {moduleStack[i].entry.getLoginModuleName()};
                 throwException(null, new LoginException(form.format(source)));
             } catch (InstantiationException ie) {
                 throwException(null, new LoginException(ResourcesMgr.getString
-                        ("unable to instantiate LoginModule: ") +
+                        ("unable.to.instantiate.LoginModule.") +
                         ie.getMessage()));
             } catch (ClassNotFoundException cnfe) {
                 throwException(null, new LoginException(ResourcesMgr.getString
-                        ("unable to find LoginModule class: ") +
+                        ("unable.to.find.LoginModule.class.") +
                         cnfe.getMessage()));
             } catch (IllegalAccessException iae) {
                 throwException(null, new LoginException(ResourcesMgr.getString
-                        ("unable to access LoginModule: ") +
+                        ("unable.to.access.LoginModule.") +
                         iae.getMessage()));
             } catch (InvocationTargetException ite) {
 
@@ -934,7 +933,7 @@
         } else if (success == false) {
             // no module succeeded -- all modules were IGNORED
             throwException(new LoginException
-                (ResourcesMgr.getString("Login Failure: all modules ignored")),
+                (ResourcesMgr.getString("Login.Failure.all.modules.ignored")),
                 null);
         } else {
             // success
--- a/src/share/classes/javax/security/auth/x500/X500Principal.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/javax/security/auth/x500/X500Principal.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -155,12 +155,12 @@
         if (name == null) {
             throw new NullPointerException
                 (sun.security.util.ResourcesMgr.getString
-                ("provided null name"));
+                ("provided.null.name"));
         }
         if (keywordMap == null) {
             throw new NullPointerException
                 (sun.security.util.ResourcesMgr.getString
-                ("provided null keyword map"));
+                ("provided.null.keyword.map"));
         }
 
         try {
@@ -391,7 +391,7 @@
         if (oidMap == null) {
             throw new NullPointerException
                 (sun.security.util.ResourcesMgr.getString
-                ("provided null OID map"));
+                ("provided.null.OID.map"));
         }
         if (format != null) {
             if (format.equalsIgnoreCase(RFC1779)) {
--- a/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1123,7 +1123,7 @@
 
             java.text.MessageFormat form = new java.text.MessageFormat
                         (ResourcesMgr.getString
-                        ("PKCS11 Token [providerName] Password: "));
+                        ("PKCS11.Token.providerName.Password."));
             Object[] source = { getName() };
 
             PasswordCallback pcall = new PasswordCallback(form.format(source),
--- a/src/share/classes/sun/security/provider/PolicyFile.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/provider/PolicyFile.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -653,7 +653,7 @@
             }
         } catch (PolicyParser.ParsingException pe) {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                (POLICY + ": error parsing policy:\n\tmessage"));
+                (POLICY + ".error.parsing.policy.message"));
             Object[] source = {policy, pe.getLocalizedMessage()};
             System.err.println(form.format(source));
             if (debug != null)
@@ -895,7 +895,7 @@
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
                          (POLICY +
-                          ": error adding Permission, perm:\n\tmessage"));
+                          ".error.adding.Permission.perm.message"));
                     Object[] source = {pe.permission,
                                        ite.getTargetException().toString()};
                     System.err.println(form.format(source));
@@ -903,7 +903,7 @@
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
                          (POLICY +
-                          ": error adding Permission, perm:\n\tmessage"));
+                          ".error.adding.Permission.perm.message"));
                     Object[] source = {pe.permission,
                                        e.toString()};
                     System.err.println(form.format(source));
@@ -915,7 +915,7 @@
         } catch (Exception e) {
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
                                          (POLICY
-                                         + ": error adding Entry:\n\tmessage"));
+                                         + ".error.adding.Entry.message"));
             Object[] source = {e.toString()};
             System.err.println(form.format(source));
         }
@@ -1950,7 +1950,7 @@
                 if (colonIndex == -1) {
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                        ("alias name not provided (pe.name)"));
+                        ("alias.name.not.provided.pe.name."));
                     Object[] source = {pe.name};
                     throw new Exception(form.format(source));
                 }
@@ -1958,7 +1958,7 @@
                 if ((suffix = getDN(suffix, keystore)) == null) {
                     MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                        ("unable to perform substitution on alias, suffix"));
+                        ("unable.to.perform.substitution.on.alias.suffix"));
                     Object[] source = {value.substring(colonIndex+1)};
                     throw new Exception(form.format(source));
                 }
@@ -1968,7 +1968,7 @@
             } else {
                 MessageFormat form = new MessageFormat
                         (ResourcesMgr.getString
-                        ("substitution value, prefix, unsupported"));
+                        ("substitution.value.prefix.unsupported"));
                 Object[] source = {prefix};
                 throw new Exception(form.format(source));
             }
@@ -2127,18 +2127,18 @@
 
         @Override public String toString(){
             StringBuilder sb = new StringBuilder();
-            sb.append(ResourcesMgr.getString("("));
+            sb.append(ResourcesMgr.getString("LPARAM"));
             sb.append(getCodeSource());
             sb.append("\n");
             for (int j = 0; j < permissions.size(); j++) {
                 Permission p = permissions.get(j);
-                sb.append(ResourcesMgr.getString(" "));
-                sb.append(ResourcesMgr.getString(" "));
+                sb.append(ResourcesMgr.getString("SPACE"));
+                sb.append(ResourcesMgr.getString("SPACE"));
                 sb.append(p);
-                sb.append(ResourcesMgr.getString("\n"));
+                sb.append(ResourcesMgr.getString("NEWLINE"));
             }
-            sb.append(ResourcesMgr.getString(")"));
-            sb.append(ResourcesMgr.getString("\n"));
+            sb.append(ResourcesMgr.getString("RPARAM"));
+            sb.append(ResourcesMgr.getString("NEWLINE"));
             return sb.toString();
         }
     }
@@ -2195,7 +2195,7 @@
             super(type);
             if (type == null) {
                 throw new NullPointerException
-                    (ResourcesMgr.getString("type can't be null"));
+                    (ResourcesMgr.getString("type.can.t.be.null"));
             }
             this.type = type;
             this.name = name;
--- a/src/share/classes/sun/security/provider/PolicyParser.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/provider/PolicyParser.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -219,8 +219,7 @@
 
         if (keyStoreUrlString == null && storePassURL != null) {
             throw new ParsingException(ResourcesMgr.getString
-                ("keystorePasswordURL can not be specified without also " +
-                "specifying keystore"));
+                ("keystorePasswordURL.can.not.be.specified.without.also.specifying.keystore"));
         }
     }
 
@@ -357,7 +356,7 @@
             keyStoreType = match("quoted string");
         } else {
             throw new ParsingException(st.lineno(),
-                        ResourcesMgr.getString("expected keystore type"));
+                        ResourcesMgr.getString("expected.keystore.type"));
         }
 
         // parse keystore provider
@@ -370,7 +369,7 @@
             keyStoreProvider = match("quoted string");
         } else {
             throw new ParsingException(st.lineno(),
-                        ResourcesMgr.getString("expected keystore provider"));
+                        ResourcesMgr.getString("expected.keystore.provider"));
         }
     }
 
@@ -421,7 +420,7 @@
                     throw new ParsingException(
                             st.lineno(),
                             ResourcesMgr.getString
-                                ("multiple Codebase expressions"));
+                                ("multiple.Codebase.expressions"));
                 e.codeBase = match("quoted string");
                 peekAndMatch(",");
             } else if (peekAndMatch("SignedBy")) {
@@ -429,7 +428,7 @@
                     throw new ParsingException(
                             st.lineno(),
                             ResourcesMgr.getString(
-                                "multiple SignedBy expressions"));
+                                "multiple.SignedBy.expressions"));
                 e.signedBy = match("quoted string");
 
                 // verify syntax of the aliases
@@ -448,7 +447,7 @@
                     throw new ParsingException(
                             st.lineno(),
                             ResourcesMgr.getString(
-                                "SignedBy has empty alias"));
+                                "SignedBy.has.empty.alias"));
 
                 peekAndMatch(",");
             } else if (peekAndMatch("Principal")) {
@@ -491,8 +490,7 @@
                         throw new ParsingException
                                 (st.lineno(),
                                  ResourcesMgr.getString
-                                    ("can not specify Principal with a " +
-                                     "wildcard class without a wildcard name"));
+                                    ("can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name"));
                     }
                 }
 
@@ -529,8 +527,7 @@
             } else {
                 throw new ParsingException(st.lineno(),
                                   ResourcesMgr.getString(
-                                      "expected codeBase or SignedBy or " +
-                                      "Principal"));
+                                      "expected.codeBase.or.SignedBy.or.Principal"));
             }
         }
 
@@ -554,7 +551,7 @@
                 throw new
                     ParsingException(st.lineno(),
                                      ResourcesMgr.getString(
-                                        "expected permission entry"));
+                                        "expected.permission.entry"));
             }
         }
         match("}");
@@ -727,12 +724,12 @@
         switch (lookahead) {
         case StreamTokenizer.TT_NUMBER:
             throw new ParsingException(st.lineno(), expect,
-                                       ResourcesMgr.getString("number ") +
+                                       ResourcesMgr.getString("number.") +
                                        String.valueOf(st.nval));
         case StreamTokenizer.TT_EOF:
             MessageFormat form = new MessageFormat(
                     ResourcesMgr.getString
-                            ("expected [expect], read [end of file]"));
+                            ("expected.expect.read.end.of.file."));
             Object[] source = {expect};
             throw new ParsingException(form.format(source));
         case StreamTokenizer.TT_WORD:
@@ -809,11 +806,11 @@
             switch (lookahead) {
             case StreamTokenizer.TT_NUMBER:
                 throw new ParsingException(st.lineno(), ";",
-                                          ResourcesMgr.getString("number ") +
+                                          ResourcesMgr.getString("number.") +
                                           String.valueOf(st.nval));
             case StreamTokenizer.TT_EOF:
                 throw new ParsingException(ResourcesMgr.getString
-                        ("expected [;], read [end of file]"));
+                        ("expected.read.end.of.file."));
             default:
                 lookahead = st.nextToken();
             }
@@ -973,7 +970,7 @@
         public PrincipalEntry(String principalClass, String principalName) {
             if (principalClass == null || principalName == null)
                 throw new NullPointerException(ResourcesMgr.getString(
-                                  "null principalClass or principalName"));
+                                  "null.principalClass.or.principalName"));
             this.principalClass = principalClass;
             this.principalName = principalName;
         }
@@ -1199,7 +1196,7 @@
         public ParsingException(int line, String msg) {
             super("line " + line + ": " + msg);
             MessageFormat form = new MessageFormat
-                (ResourcesMgr.getString("line number: msg"));
+                (ResourcesMgr.getString("line.number.msg"));
             Object[] source = {new Integer(line), msg};
             i18nMessage = form.format(source);
         }
@@ -1208,7 +1205,7 @@
             super("line " + line + ": expected [" + expect +
                 "], found [" + actual + "]");
             MessageFormat form = new MessageFormat(ResourcesMgr.getString
-                ("line number: expected [expect], found [actual]"));
+                ("line.number.expected.expect.found.actual."));
             Object[] source = {new Integer(line), expect, actual};
             i18nMessage = form.format(source);
         }
--- a/src/share/classes/sun/security/tools/JarSigner.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/tools/JarSigner.java	Thu Nov 11 15:51:12 2010 +0800
@@ -205,7 +205,7 @@
 
                     if (!(obj instanceof Provider)) {
                         MessageFormat form = new MessageFormat(rb.getString
-                            ("provName not a provider"));
+                            ("provName.not.a.provider"));
                         Object[] source = {provName};
                         throw new Exception(form.format(source));
                     }
@@ -218,7 +218,7 @@
                     loadKeyStore(keystore, false);
                 } catch (Exception e) {
                     if ((keystore != null) || (storepass != null)) {
-                        System.out.println(rb.getString("jarsigner error: ") +
+                        System.out.println(rb.getString("jarsigner.error.") +
                                         e.getMessage());
                         System.exit(1);
                     }
@@ -264,7 +264,7 @@
                 signJar(jarfile, alias, args);
             }
         } catch (Exception e) {
-            System.out.println(rb.getString("jarsigner error: ") + e);
+            System.out.println(rb.getString("jarsigner.error.") + e);
             if (debug) {
                 e.printStackTrace();
             }
@@ -420,7 +420,7 @@
                     }
                 } else {
                     System.err.println(
-                            rb.getString("Illegal option: ") + flags);
+                            rb.getString("Illegal.option.") + flags);
                     usage();
                 }
             }
@@ -430,15 +430,15 @@
         if (verbose == null) showcerts = false;
 
         if (jarfile == null) {
-            System.err.println(rb.getString("Please specify jarfile name"));
+            System.err.println(rb.getString("Please.specify.jarfile.name"));
             usage();
         }
         if (!verify && alias == null) {
-            System.err.println(rb.getString("Please specify alias name"));
+            System.err.println(rb.getString("Please.specify.alias.name"));
             usage();
         }
         if (!verify && ckaliases.size() > 1) {
-            System.err.println(rb.getString("Only one alias can be specified"));
+            System.err.println(rb.getString("Only.one.alias.can.be.specified"));
             usage();
         }
 
@@ -471,30 +471,27 @@
 
         if (token && !nullStream) {
             System.err.println(MessageFormat.format(rb.getString
-                ("-keystore must be NONE if -storetype is {0}"), storetype));
+                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
             usage();
         }
 
         if (token && keypass != null) {
             System.err.println(MessageFormat.format(rb.getString
-                ("-keypass can not be specified " +
-                "if -storetype is {0}"), storetype));
+                (".keypass.can.not.be.specified.if.storetype.is.{0}"), storetype));
             usage();
         }
 
         if (protectedPath) {
             if (storepass != null || keypass != null) {
                 System.err.println(rb.getString
-                        ("If -protected is specified, " +
-                        "then -storepass and -keypass must not be specified"));
+                        ("If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified"));
                 usage();
             }
         }
         if (KeyStoreUtil.isWindowsKeyStore(storetype)) {
             if (storepass != null || keypass != null) {
                 System.err.println(rb.getString
-                        ("If keystore is not password protected, " +
-                        "then -storepass and -keypass must not be specified"));
+                        ("If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified"));
                 usage();
             }
         }
@@ -508,94 +505,94 @@
     }
 
     static void usageNoArg() {
-        System.out.println(rb.getString("Option lacks argument"));
+        System.out.println(rb.getString("Option.lacks.argument"));
         usage();
     }
 
     static void usage() {
         System.out.println();
-        System.out.println(rb.getString("Please type jarsigner -help for usage"));
+        System.out.println(rb.getString("Please.type.jarsigner.help.for.usage"));
         System.exit(1);
     }
 
     static void fullusage() {
         System.out.println(rb.getString
-                ("Usage: jarsigner [options] jar-file alias"));
+                ("Usage.jarsigner.options.jar.file.alias"));
         System.out.println(rb.getString
-                ("       jarsigner -verify [options] jar-file [alias...]"));
+                (".jarsigner.verify.options.jar.file.alias."));
         System.out.println();
         System.out.println(rb.getString
-                ("[-keystore <url>]           keystore location"));
+                (".keystore.url.keystore.location"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-storepass <password>]     password for keystore integrity"));
+                (".storepass.password.password.for.keystore.integrity"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-storetype <type>]         keystore type"));
+                (".storetype.type.keystore.type"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-keypass <password>]       password for private key (if different)"));
+                (".keypass.password.password.for.private.key.if.different."));
         System.out.println();
         System.out.println(rb.getString
-                ("[-certchain <file>]         name of alternative certchain file"));
+                (".certchain.file.name.of.alternative.certchain.file"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-sigfile <file>]           name of .SF/.DSA file"));
+                (".sigfile.file.name.of.SF.DSA.file"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-signedjar <file>]         name of signed JAR file"));
+                (".signedjar.file.name.of.signed.JAR.file"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-digestalg <algorithm>]    name of digest algorithm"));
+                (".digestalg.algorithm.name.of.digest.algorithm"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-sigalg <algorithm>]       name of signature algorithm"));
+                (".sigalg.algorithm.name.of.signature.algorithm"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-crl[:auto| <file>]        include CRL in signed jar"));
+                (".crl.auto.file.include.CRL.in.signed.jar"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-verify]                   verify a signed JAR file"));
+                (".verify.verify.a.signed.JAR.file"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-verbose[:suboptions]]     verbose output when signing/verifying."));
+                (".verbose.suboptions.verbose.output.when.signing.verifying."));
         System.out.println(rb.getString
-                ("                            suboptions can be all, grouped or summary"));
+                (".suboptions.can.be.all.grouped.or.summary"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-certs]                    display certificates when verbose and verifying"));
+                (".certs.display.certificates.when.verbose.and.verifying"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-tsa <url>]                location of the Timestamping Authority"));
+                (".tsa.url.location.of.the.Timestamping.Authority"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-tsacert <alias>]          public key certificate for Timestamping Authority"));
+                (".tsacert.alias.public.key.certificate.for.Timestamping.Authority"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-altsigner <class>]        class name of an alternative signing mechanism"));
+                (".altsigner.class.class.name.of.an.alternative.signing.mechanism"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-altsignerpath <pathlist>] location of an alternative signing mechanism"));
+                (".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-internalsf]               include the .SF file inside the signature block"));
+                (".internalsf.include.the.SF.file.inside.the.signature.block"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-sectionsonly]             don't compute hash of entire manifest"));
+                (".sectionsonly.don.t.compute.hash.of.entire.manifest"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-protected]                keystore has protected authentication path"));
+                (".protected.keystore.has.protected.authentication.path"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-providerName <name>]      provider name"));
+                (".providerName.name.provider.name"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-providerClass <class>     name of cryptographic service provider's"));
+                (".providerClass.class.name.of.cryptographic.service.provider.s"));
         System.out.println(rb.getString
-                ("  [-providerArg <arg>]] ... master class file and constructor argument"));
+                (".providerArg.arg.master.class.file.and.constructor.argument"));
         System.out.println();
         System.out.println(rb.getString
-                ("[-strict]                   treat warnings as errors"));
+                (".strict.treat.warnings.as.errors"));
         System.out.println();
 
         System.exit(0);
@@ -644,7 +641,7 @@
                 Enumeration<JarEntry> e = entriesVec.elements();
 
                 long now = System.currentTimeMillis();
-                String tab = rb.getString("      ");
+                String tab = rb.getString("6SPACE");
 
                 while (e.hasMoreElements()) {
                     JarEntry je = e.nextElement();
@@ -672,12 +669,12 @@
                              (man.getAttributes("./"+name) != null) ||
                              (man.getAttributes("/"+name) != null));
                         sb.append(
-                          (isSigned ? rb.getString("s") : rb.getString(" ")) +
-                          (inManifest ? rb.getString("m") : rb.getString(" ")) +
-                          (inStore ? rb.getString("k") : rb.getString(" ")) +
-                          (inScope ? rb.getString("i") : rb.getString(" ")) +
+                          (isSigned ? rb.getString("s") : rb.getString("SPACE")) +
+                          (inManifest ? rb.getString("m") : rb.getString("SPACE")) +
+                          (inStore ? rb.getString("k") : rb.getString("SPACE")) +
+                          (inScope ? rb.getString("i") : rb.getString("SPACE")) +
                           ((inStoreOrScope & NOT_ALIAS) != 0 ?"X":" ") +
-                          rb.getString(" "));
+                          rb.getString("SPACE"));
                         sb.append("|");
                     }
 
@@ -701,7 +698,7 @@
                                         if (crl instanceof X509CRLImpl) {
                                             sb.append(tab).append("[");
                                             sb.append(String.format(
-                                                    rb.getString("with a CRL including %d entries"),
+                                                    rb.getString("with.a.CRL.including.d.entries"),
                                                     ((X509CRLImpl)crl).getRevokedCertificates().size()))
                                                 .append("]\n");
                                         }
@@ -714,10 +711,10 @@
                         // to be consistent with old behavior.
                         if (signatureRelated(name)) {
                             sb.append("\n" + tab + rb.getString(
-                                    "(Signature related entries)") + "\n\n");
+                                    ".Signature.related.entries.") + "\n\n");
                         } else {
                             sb.append("\n" + tab + rb.getString(
-                                    "(Unsigned entries)") + "\n\n");
+                                    ".Unsigned.entries.") + "\n\n");
                         }
                     }
 
@@ -773,7 +770,7 @@
                             if (files.size() > 1) {
                                 System.out.println(files.get(0) + " " +
                                         String.format(rb.getString(
-                                        "(and %d more)"), files.size()-1));
+                                        ".and.d.more."), files.size()-1));
                             } else {
                                 System.out.println(files.get(0));
                             }
@@ -783,89 +780,89 @@
                 }
                 System.out.println();
                 System.out.println(rb.getString(
-                    "  s = signature was verified "));
+                    ".s.signature.was.verified."));
                 System.out.println(rb.getString(
-                    "  m = entry is listed in manifest"));
+                    ".m.entry.is.listed.in.manifest"));
                 System.out.println(rb.getString(
-                    "  k = at least one certificate was found in keystore"));
+                    ".k.at.least.one.certificate.was.found.in.keystore"));
                 System.out.println(rb.getString(
-                    "  i = at least one certificate was found in identity scope"));
+                    ".i.at.least.one.certificate.was.found.in.identity.scope"));
                 if (ckaliases.size() > 0) {
-                    System.out.println((
-                        "  X = not signed by specified alias(es)"));
+                    System.out.println(rb.getString(
+                        ".X.not.signed.by.specified.alias.es."));
                 }
                 System.out.println();
             }
             if (man == null)
-                System.out.println(rb.getString("no manifest."));
+                System.out.println(rb.getString("no.manifest."));
 
             if (!anySigned) {
                 System.out.println(rb.getString(
-                      "jar is unsigned. (signatures missing or not parsable)"));
+                      "jar.is.unsigned.signatures.missing.or.not.parsable."));
             } else {
-                System.out.println(rb.getString("jar verified."));
+                System.out.println(rb.getString("jar.verified."));
                 if (hasUnsignedEntry || hasExpiredCert || hasExpiringCert ||
                     badKeyUsage || badExtendedKeyUsage || badNetscapeCertType ||
                     notYetValidCert || chainNotValidated ||
                     aliasNotInStore || notSignedByAlias) {
 
                     System.out.println();
-                    System.out.println(rb.getString("Warning: "));
+                    System.out.println(rb.getString("Warning."));
                     if (badKeyUsage) {
                         System.out.println(
-                            rb.getString("This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."));
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
                     }
 
                     if (badExtendedKeyUsage) {
                         System.out.println(
-                            rb.getString("This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."));
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
                     }
 
                     if (badNetscapeCertType) {
                         System.out.println(
-                            rb.getString("This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."));
+                            rb.getString("This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
                     }
 
                     if (hasUnsignedEntry) {
                         System.out.println(rb.getString(
-                            "This jar contains unsigned entries which have not been integrity-checked. "));
+                            "This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked."));
                     }
                     if (hasExpiredCert) {
                         System.out.println(rb.getString(
-                            "This jar contains entries whose signer certificate has expired. "));
+                            "This.jar.contains.entries.whose.signer.certificate.has.expired."));
                     }
                     if (hasExpiringCert) {
                         System.out.println(rb.getString(
-                            "This jar contains entries whose signer certificate will expire within six months. "));
+                            "This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months."));
                     }
                     if (notYetValidCert) {
                         System.out.println(rb.getString(
-                            "This jar contains entries whose signer certificate is not yet valid. "));
+                            "This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid."));
                     }
 
                     if (chainNotValidated) {
                         System.out.println(
-                                rb.getString("This jar contains entries whose certificate chain is not validated."));
+                                rb.getString("This.jar.contains.entries.whose.certificate.chain.is.not.validated."));
                     }
 
                     if (notSignedByAlias) {
                         System.out.println(
-                                rb.getString("This jar contains signed entries which is not signed by the specified alias(es)."));
+                                rb.getString("This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es."));
                     }
 
                     if (aliasNotInStore) {
-                        System.out.println(rb.getString("This jar contains signed entries that's not signed by alias in this keystore."));
+                        System.out.println(rb.getString("This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore."));
                     }
                     if (! (verbose != null && showcerts)) {
                         System.out.println();
                         System.out.println(rb.getString(
-                            "Re-run with the -verbose and -certs options for more details."));
+                            "Re.run.with.the.verbose.and.certs.options.for.more.details."));
                     }
                 }
             }
             return;
         } catch (Exception e) {
-            System.out.println(rb.getString("jarsigner: ") + e);
+            System.out.println(rb.getString("jarsigner.") + e);
             if (debug) {
                 e.printStackTrace();
             }
@@ -895,13 +892,13 @@
         long now) {
 
         StringBuilder certStr = new StringBuilder();
-        String space = rb.getString(" ");
+        String space = rb.getString("SPACE");
         X509Certificate x509Cert = null;
 
         if (c instanceof X509Certificate) {
             x509Cert = (X509Certificate) c;
             certStr.append(tab).append(x509Cert.getType())
-                .append(rb.getString(", "))
+                .append(rb.getString("COMMA"))
                 .append(x509Cert.getSubjectDN().getName());
         } else {
             certStr.append(tab).append(c.getType());
@@ -927,7 +924,7 @@
 
                     if (expiringTimeForm == null) {
                         expiringTimeForm = new MessageFormat(
-                            rb.getString("certificate will expire on"));
+                            rb.getString("certificate.will.expire.on"));
                     }
                     Object[] source = { notAfter };
                     certStr.append(expiringTimeForm.format(source));
@@ -935,7 +932,7 @@
                 } else {
                     if (validityTimeForm == null) {
                         validityTimeForm = new MessageFormat(
-                            rb.getString("certificate is valid from"));
+                            rb.getString("certificate.is.valid.from"));
                     }
                     Object[] source = { x509Cert.getNotBefore(), notAfter };
                     certStr.append(validityTimeForm.format(source));
@@ -945,7 +942,7 @@
 
                 if (expiredTimeForm == null) {
                     expiredTimeForm = new MessageFormat(
-                        rb.getString("certificate expired on"));
+                        rb.getString("certificate.expired.on"));
                 }
                 Object[] source = { notAfter };
                 certStr.append(expiredTimeForm.format(source));
@@ -955,7 +952,7 @@
 
                 if (notYetTimeForm == null) {
                     notYetTimeForm = new MessageFormat(
-                        rb.getString("certificate is not valid until"));
+                        rb.getString("certificate.is.not.valid.until"));
                 }
                 Object[] source = { x509Cert.getNotBefore() };
                 certStr.append(notYetTimeForm.format(source));
@@ -979,7 +976,7 @@
                 }
                 certStr.append("\n").append(tab)
                         .append(MessageFormat.format(rb.getString(
-                        "[{0} extension does not support code signing]"), x));
+                        ".{0}.extension.does.not.support.code.signing."), x));
             }
         }
         return certStr.toString();
@@ -991,7 +988,7 @@
 
         if (signTimeForm == null) {
             signTimeForm =
-                new MessageFormat(rb.getString("entry was signed on"));
+                new MessageFormat(rb.getString("entry.was.signed.on"));
         }
         Object[] source = { timestamp.getTimestamp() };
 
@@ -1093,7 +1090,7 @@
                 } else {
                  throw new
                    RuntimeException(rb.getString
-                        ("signature filename must consist of the following characters: A-Z, 0-9, _ or -"));
+                        ("signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or."));
                 }
             }
             tmpSigFile.append(c);
@@ -1112,14 +1109,14 @@
         try {
             zipFile = new ZipFile(jarName);
         } catch (IOException ioe) {
-            error(rb.getString("unable to open jar file: ")+jarName, ioe);
+            error(rb.getString("unable.to.open.jar.file.")+jarName, ioe);
         }
 
         FileOutputStream fos = null;
         try {
             fos = new FileOutputStream(signedJarFile);
         } catch (IOException ioe) {
-            error(rb.getString("unable to create: ")+tmpJarName, ioe);
+            error(rb.getString("unable.to.create.")+tmpJarName, ioe);
         }
 
         PrintStream ps = new PrintStream(fos);
@@ -1263,10 +1260,10 @@
             }
             if (verbose != null) {
                 if (mfCreated) {
-                    System.out.println(rb.getString("   adding: ") +
+                    System.out.println(rb.getString(".adding.") +
                                         mfFile.getName());
                 } else if (mfModified) {
-                    System.out.println(rb.getString(" updating: ") +
+                    System.out.println(rb.getString(".updating.") +
                                         mfFile.getName());
                 }
             }
@@ -1291,10 +1288,10 @@
                         zipFile);
             } catch (SocketTimeoutException e) {
                 // Provide a helpful message when TSA is beyond a firewall
-                error(rb.getString("unable to sign jar: ") +
-                rb.getString("no response from the Timestamping Authority. ") +
-                rb.getString("When connecting from behind a firewall then an HTTP proxy may need to be specified. ") +
-                rb.getString("Supply the following options to jarsigner: ") +
+                error(rb.getString("unable.to.sign.jar.") +
+                rb.getString("no.response.from.the.Timestamping.Authority.") +
+                rb.getString("When.connecting.from.behind.a.firewall.then.an.HTTP.proxy.may.need.to.be.specified.") +
+                rb.getString("Supply.the.following.options.to.jarsigner.") +
                 "\n  -J-Dhttp.proxyHost=<hostname> " +
                 "\n  -J-Dhttp.proxyPort=<portnumber> ", e);
             }
@@ -1314,10 +1311,10 @@
             sf.write(zos);
             if (verbose != null) {
                 if (zipFile.getEntry(sfFilename) != null) {
-                    System.out.println(rb.getString(" updating: ") +
+                    System.out.println(rb.getString(".updating.") +
                                 sfFilename);
                 } else {
-                    System.out.println(rb.getString("   adding: ") +
+                    System.out.println(rb.getString(".adding.") +
                                 sfFilename);
                 }
             }
@@ -1325,24 +1322,24 @@
             if (verbose != null) {
                 if (tsaUrl != null || tsaCert != null) {
                     System.out.println(
-                        rb.getString("requesting a signature timestamp"));
+                        rb.getString("requesting.a.signature.timestamp"));
                 }
                 if (tsaUrl != null) {
-                    System.out.println(rb.getString("TSA location: ") + tsaUrl);
+                    System.out.println(rb.getString("TSA.location.") + tsaUrl);
                 }
                 if (tsaCert != null) {
                     String certUrl =
                         TimestampedSigner.getTimestampingUrl(tsaCert);
                     if (certUrl != null) {
-                        System.out.println(rb.getString("TSA location: ") +
+                        System.out.println(rb.getString("TSA.location.") +
                             certUrl);
                     }
-                    System.out.println(rb.getString("TSA certificate: ") +
+                    System.out.println(rb.getString("TSA.certificate.") +
                         printCert("", tsaCert, false, 0));
                 }
                 if (signingMechanism != null) {
                     System.out.println(
-                        rb.getString("using an alternative signing mechanism"));
+                        rb.getString("using.an.alternative.signing.mechanism"));
                 }
             }
 
@@ -1351,10 +1348,10 @@
             block.write(zos);
             if (verbose != null) {
                 if (zipFile.getEntry(bkFilename) != null) {
-                    System.out.println(rb.getString(" updating: ") +
+                    System.out.println(rb.getString(".updating.") +
                         bkFilename);
                 } else {
-                    System.out.println(rb.getString("   adding: ") +
+                    System.out.println(rb.getString(".adding.") +
                         bkFilename);
                 }
             }
@@ -1378,17 +1375,17 @@
                 if (!ze.getName().startsWith(META_INF)) {
                     if (verbose != null) {
                         if (manifest.getAttributes(ze.getName()) != null)
-                          System.out.println(rb.getString("  signing: ") +
+                          System.out.println(rb.getString(".signing.") +
                                 ze.getName());
                         else
-                          System.out.println(rb.getString("   adding: ") +
+                          System.out.println(rb.getString(".adding.") +
                                 ze.getName());
                     }
                     writeEntry(zipFile, zos, ze);
                 }
             }
         } catch(IOException ioe) {
-            error(rb.getString("unable to sign jar: ")+ioe, ioe);
+            error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
         } finally {
             // close the resouces
             if (zipFile != null) {
@@ -1416,13 +1413,13 @@
                             origJar.delete();
                         } else {
                             MessageFormat form = new MessageFormat(rb.getString
-                        ("attempt to rename signedJarFile to jarFile failed"));
+                        ("attempt.to.rename.signedJarFile.to.jarFile.failed"));
                             Object[] source = {signedJarFile, jarFile};
                             error(form.format(source));
                         }
                     } else {
                         MessageFormat form = new MessageFormat(rb.getString
-                            ("attempt to rename jarFile to origJar failed"));
+                            ("attempt.to.rename.jarFile.to.origJar.failed"));
                         Object[] source = {jarFile, origJar};
                         error(form.format(source));
                     }
@@ -1434,43 +1431,43 @@
                     || badNetscapeCertType || chainNotValidated) {
                 System.out.println();
 
-                System.out.println(rb.getString("Warning: "));
+                System.out.println(rb.getString("Warning."));
                 if (badKeyUsage) {
                     System.out.println(
-                        rb.getString("The signer certificate's KeyUsage extension doesn't allow code signing."));
+                        rb.getString("The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing."));
                 }
 
                 if (badExtendedKeyUsage) {
                     System.out.println(
-                        rb.getString("The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."));
+                        rb.getString("The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing."));
                 }
 
                 if (badNetscapeCertType) {
                     System.out.println(
-                        rb.getString("The signer certificate's NetscapeCertType extension doesn't allow code signing."));
+                        rb.getString("The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing."));
                 }
 
                 if (hasExpiredCert) {
                     System.out.println(
-                        rb.getString("The signer certificate has expired."));
+                        rb.getString("The.signer.certificate.has.expired."));
                 } else if (hasExpiringCert) {
                     System.out.println(
-                        rb.getString("The signer certificate will expire within six months."));
+                        rb.getString("The.signer.certificate.will.expire.within.six.months."));
                 } else if (notYetValidCert) {
                     System.out.println(
-                        rb.getString("The signer certificate is not yet valid."));
+                        rb.getString("The.signer.certificate.is.not.yet.valid."));
                 }
 
                 if (chainNotValidated) {
                     System.out.println(
-                            rb.getString("The signer's certificate chain is not validated."));
+                            rb.getString("The.signer.s.certificate.chain.is.not.validated."));
                 }
             }
 
         // no IOException thrown in the above try clause, so disable
         // the catch clause.
         // } catch(IOException ioe) {
-        //     error(rb.getString("unable to sign jar: ")+ioe, ioe);
+        //     error(rb.getString("unable.to.sign.jar.")+ioe, ioe);
         // }
     }
 
@@ -1557,7 +1554,7 @@
             validator.validate(cp, pkixParameters);
         } catch (Exception e) {
             chainNotValidated = true;
-            s.append(tab + rb.getString("[CertPath not validated: ") +
+            s.append(tab + rb.getString(".CertPath.not.validated.") +
                     e.getLocalizedMessage() + "]\n");   // TODO
         }
         String result = s.toString();
@@ -1624,10 +1621,10 @@
             if (token && storepass == null && !protectedPath
                     && !KeyStoreUtil.isWindowsKeyStore(storetype)) {
                 storepass = getPass
-                        (rb.getString("Enter Passphrase for keystore: "));
+                        (rb.getString("Enter.Passphrase.for.keystore."));
             } else if (!token && storepass == null && prompt) {
                 storepass = getPass
-                        (rb.getString("Enter Passphrase for keystore: "));
+                        (rb.getString("Enter.Passphrase.for.keystore."));
             }
 
             if (nullStream) {
@@ -1694,20 +1691,20 @@
                 // Only if tas is empty
             }
         } catch (IOException ioe) {
-            throw new RuntimeException(rb.getString("keystore load: ") +
+            throw new RuntimeException(rb.getString("keystore.load.") +
                                         ioe.getMessage());
         } catch (java.security.cert.CertificateException ce) {
-            throw new RuntimeException(rb.getString("certificate exception: ") +
+            throw new RuntimeException(rb.getString("certificate.exception.") +
                                         ce.getMessage());
         } catch (NoSuchProviderException pe) {
-            throw new RuntimeException(rb.getString("keystore load: ") +
+            throw new RuntimeException(rb.getString("keystore.load.") +
                                         pe.getMessage());
         } catch (NoSuchAlgorithmException nsae) {
-            throw new RuntimeException(rb.getString("keystore load: ") +
+            throw new RuntimeException(rb.getString("keystore.load.") +
                                         nsae.getMessage());
         } catch (KeyStoreException kse) {
             throw new RuntimeException
-                (rb.getString("unable to instantiate keystore class: ") +
+                (rb.getString("unable.to.instantiate.keystore.class.") +
                 kse.getMessage());
         }
     }
@@ -1723,7 +1720,7 @@
         }
         if (cs == null || (!(cs instanceof X509Certificate))) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate not found for: alias.  alias must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."));
+                ("Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the"));
             Object[] source = {alias, alias};
             error(form.format(source));
         }
@@ -1816,9 +1813,9 @@
                             generateCertificates(new FileInputStream(altCertChain)).
                             toArray(new Certificate[0]);
                 } catch (CertificateException ex) {
-                    error(rb.getString("Cannot restore certchain from file specified"));
+                    error(rb.getString("Cannot.restore.certchain.from.file.specified"));
                 } catch (FileNotFoundException ex) {
-                    error(rb.getString("File specified by -certchain does not exist"));
+                    error(rb.getString("File.specified.by.certchain.does.not.exist"));
                 }
             } else {
                 try {
@@ -1830,12 +1827,10 @@
             if (cs == null || cs.length == 0) {
                 if (altCertChain != null) {
                     error(rb.getString
-                            ("Certificate chain not found in the file specified."));
+                            ("Certificate.chain.not.found.in.the.file.specified."));
                 } else {
                     MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate chain not found for: alias.  alias must" +
-                        " reference a valid KeyStore key entry containing a" +
-                        " private key and corresponding public key certificate chain."));
+                        ("Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and"));
                     Object[] source = {alias, alias};
                     error(form.format(source));
                 }
@@ -1845,7 +1840,7 @@
             for (int i=0; i<cs.length; i++) {
                 if (!(cs[i] instanceof X509Certificate)) {
                     error(rb.getString
-                        ("found non-X.509 certificate in signer's chain"));
+                        ("found.non.X.509.certificate.in.signer.s.chain"));
                 }
                 certChain[i] = (X509Certificate)cs[i];
             }
@@ -1872,7 +1867,7 @@
                 } else if (keypass == null) {
                     // Did not work out, so prompt user for key password
                     MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter key password for alias: "));
+                        ("Enter.key.password.for.alias."));
                     Object[] source = {alias};
                     keypass = getPass(form.format(source));
                     key = store.getKey(alias, keypass);
@@ -1881,14 +1876,14 @@
         } catch (NoSuchAlgorithmException e) {
             error(e.getMessage());
         } catch (UnrecoverableKeyException e) {
-            error(rb.getString("unable to recover key from keystore"));
+            error(rb.getString("unable.to.recover.key.from.keystore"));
         } catch (KeyStoreException kse) {
             // this never happens, because keystore has been loaded
         }
 
         if (!(key instanceof PrivateKey)) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("key associated with alias not a private key"));
+                ("key.associated.with.alias.not.a.private.key"));
             Object[] source = {alias};
             error(form.format(source));
         } else {
@@ -1898,14 +1893,14 @@
 
     void error(String message)
     {
-        System.out.println(rb.getString("jarsigner: ")+message);
+        System.out.println(rb.getString("jarsigner.")+message);
         System.exit(1);
     }
 
 
     void error(String message, Exception e)
     {
-        System.out.println(rb.getString("jarsigner: ")+message);
+        System.out.println(rb.getString("jarsigner.")+message);
         if (debug) {
             e.printStackTrace();
         }
@@ -1920,12 +1915,12 @@
             char[] pass = Password.readPassword(System.in);
 
             if (pass == null) {
-                error(rb.getString("you must enter key password"));
+                error(rb.getString("you.must.enter.key.password"));
             } else {
                 return pass;
             }
         } catch (IOException ioe) {
-            error(rb.getString("unable to read password: ")+ioe.getMessage());
+            error(rb.getString("unable.to.read.password.")+ioe.getMessage());
         }
         // this shouldn't happen
         return null;
@@ -2113,7 +2108,7 @@
         Object signer = signerClass.newInstance();
         if (!(signer instanceof ContentSigner)) {
             MessageFormat form = new MessageFormat(
-                rb.getString("signerClass is not a signing mechanism"));
+                rb.getString("signerClass.is.not.a.signing.mechanism"));
             Object[] source = {signerClass.getName()};
             throw new IllegalArgumentException(form.format(source));
         }
--- a/src/share/classes/sun/security/tools/JarSignerResources.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/tools/JarSignerResources.java	Thu Nov 11 15:51:12 2010 +0800
@@ -35,201 +35,201 @@
     private static final Object[][] contents = {
 
         // shared (from jarsigner)
-        {" ", " "},
-        {"  ", "  "},
-        {"      ", "      "},
-        {", ", ", "},
+        {"SPACE", " "},
+        {"2SPACE", "  "},
+        {"6SPACE", "      "},
+        {"COMMA", ", "},
 
-        {"provName not a provider", "{0} not a provider"},
-        {"signerClass is not a signing mechanism", "{0} is not a signing mechanism"},
-        {"jarsigner error: ", "jarsigner error: "},
-        {"Illegal option: ", "Illegal option: "},
-        {"-keystore must be NONE if -storetype is {0}",
+        {"provName.not.a.provider", "{0} not a provider"},
+        {"signerClass.is.not.a.signing.mechanism", "{0} is not a signing mechanism"},
+        {"jarsigner.error.", "jarsigner error: "},
+        {"Illegal.option.", "Illegal option: "},
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
                 "-keystore must be NONE if -storetype is {0}"},
-        {"-keypass can not be specified if -storetype is {0}",
+        {".keypass.can.not.be.specified.if.storetype.is.{0}",
                 "-keypass can not be specified if -storetype is {0}"},
-        {"If -protected is specified, then -storepass and -keypass must not be specified",
+        {"If.protected.is.specified.then.storepass.and.keypass.must.not.be.specified",
                 "If -protected is specified, then -storepass and -keypass must not be specified"},
-        {"If keystore is not password protected, then -storepass and -keypass must not be specified",
+        {"If.keystore.is.not.password.protected.then.storepass.and.keypass.must.not.be.specified",
                  "If keystore is not password protected, then -storepass and -keypass must not be specified"},
-        {"Usage: jarsigner [options] jar-file alias",
+        {"Usage.jarsigner.options.jar.file.alias",
                 "Usage: jarsigner [options] jar-file alias"},
-        {"       jarsigner -verify [options] jar-file [alias...]",
+        {".jarsigner.verify.options.jar.file.alias.",
                 "       jarsigner -verify [options] jar-file [alias...]"},
-        {"[-keystore <url>]           keystore location",
+        {".keystore.url.keystore.location",
                 "[-keystore <url>]           keystore location"},
-        {"[-storepass <password>]     password for keystore integrity",
+        {".storepass.password.password.for.keystore.integrity",
             "[-storepass <password>]     password for keystore integrity"},
-        {"[-storetype <type>]         keystore type",
+        {".storetype.type.keystore.type",
                 "[-storetype <type>]         keystore type"},
-        {"[-keypass <password>]       password for private key (if different)",
+        {".keypass.password.password.for.private.key.if.different.",
                 "[-keypass <password>]       password for private key (if different)"},
-        {"[-certchain <file>]         name of alternative certchain file",
+        {".certchain.file.name.of.alternative.certchain.file",
                 "[-certchain <file>]         name of alternative certchain file"},
-        {"[-sigfile <file>]           name of .SF/.DSA file",
+        {".sigfile.file.name.of.SF.DSA.file",
                 "[-sigfile <file>]           name of .SF/.DSA file"},
-        {"[-signedjar <file>]         name of signed JAR file",
+        {".signedjar.file.name.of.signed.JAR.file",
                 "[-signedjar <file>]         name of signed JAR file"},
-        {"[-digestalg <algorithm>]    name of digest algorithm",
+        {".digestalg.algorithm.name.of.digest.algorithm",
                 "[-digestalg <algorithm>]    name of digest algorithm"},
-        {"[-sigalg <algorithm>]       name of signature algorithm",
+        {".sigalg.algorithm.name.of.signature.algorithm",
                 "[-sigalg <algorithm>]       name of signature algorithm"},
-        {"[-crl[:auto| <file>]        include CRL in signed jar",
+        {".crl.auto.file.include.CRL.in.signed.jar",
                 "[-crl[:auto| <file>]        include CRL in signed jar"},
-        {"[-verify]                   verify a signed JAR file",
+        {".verify.verify.a.signed.JAR.file",
                 "[-verify]                   verify a signed JAR file"},
-        {"[-verbose[:suboptions]]     verbose output when signing/verifying.",
+        {".verbose.suboptions.verbose.output.when.signing.verifying.",
                 "[-verbose[:suboptions]]     verbose output when signing/verifying."},
-        {"                            suboptions can be all, grouped or summary",
+        {".suboptions.can.be.all.grouped.or.summary",
                 "                            suboptions can be all, grouped or summary"},
-        {"[-certs]                    display certificates when verbose and verifying",
+        {".certs.display.certificates.when.verbose.and.verifying",
                 "[-certs]                    display certificates when verbose and verifying"},
-        {"[-tsa <url>]                location of the Timestamping Authority",
+        {".tsa.url.location.of.the.Timestamping.Authority",
                 "[-tsa <url>]                location of the Timestamping Authority"},
-        {"[-tsacert <alias>]          public key certificate for Timestamping Authority",
+        {".tsacert.alias.public.key.certificate.for.Timestamping.Authority",
                 "[-tsacert <alias>]          public key certificate for Timestamping Authority"},
-        {"[-altsigner <class>]        class name of an alternative signing mechanism",
+        {".altsigner.class.class.name.of.an.alternative.signing.mechanism",
                 "[-altsigner <class>]        class name of an alternative signing mechanism"},
-        {"[-altsignerpath <pathlist>] location of an alternative signing mechanism",
+        {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism",
                 "[-altsignerpath <pathlist>] location of an alternative signing mechanism"},
-        {"[-internalsf]               include the .SF file inside the signature block",
+        {".internalsf.include.the.SF.file.inside.the.signature.block",
                 "[-internalsf]               include the .SF file inside the signature block"},
-        {"[-sectionsonly]             don't compute hash of entire manifest",
+        {".sectionsonly.don.t.compute.hash.of.entire.manifest",
                 "[-sectionsonly]             don't compute hash of entire manifest"},
-        {"[-protected]                keystore has protected authentication path",
+        {".protected.keystore.has.protected.authentication.path",
                 "[-protected]                keystore has protected authentication path"},
-        {"[-providerName <name>]      provider name",
+        {".providerName.name.provider.name",
                 "[-providerName <name>]      provider name"},
-        {"[-providerClass <class>     name of cryptographic service provider's",
+        {".providerClass.class.name.of.cryptographic.service.provider.s",
                 "[-providerClass <class>     name of cryptographic service provider's"},
-        {"  [-providerArg <arg>]] ... master class file and constructor argument",
+        {".providerArg.arg.master.class.file.and.constructor.argument",
                 "  [-providerArg <arg>]] ... master class file and constructor argument"},
-        {"[-strict]                   treat warnings as errors",
+        {".strict.treat.warnings.as.errors",
                 "[-strict]                   treat warnings as errors"},
-        {"Option lacks argument", "Option lacks argument"},
-        {"Please type jarsigner -help for usage", "Please type jarsigner -help for usage"},
-        {"Please specify jarfile name", "Please specify jarfile name"},
-        {"Please specify alias name", "Please specify alias name"},
-        {"Only one alias can be specified", "Only one alias can be specified"},
-        {"This jar contains signed entries which is not signed by the specified alias(es).",
+        {"Option.lacks.argument", "Option lacks argument"},
+        {"Please.type.jarsigner.help.for.usage", "Please type jarsigner -help for usage"},
+        {"Please.specify.jarfile.name", "Please specify jarfile name"},
+        {"Please.specify.alias.name", "Please specify alias name"},
+        {"Only.one.alias.can.be.specified", "Only one alias can be specified"},
+        {"This.jar.contains.signed.entries.which.is.not.signed.by.the.specified.alias.es.",
                  "This jar contains signed entries which is not signed by the specified alias(es)."},
-        {"This jar contains signed entries that's not signed by alias in this keystore.",
+        {"This.jar.contains.signed.entries.that.s.not.signed.by.alias.in.this.keystore.",
                   "This jar contains signed entries that's not signed by alias in this keystore."},
         {"s", "s"},
         {"m", "m"},
         {"k", "k"},
         {"i", "i"},
-        {"(and %d more)", "(and %d more)"},
-        {"  s = signature was verified ",
+        {".and.d.more.", "(and %d more)"},
+        {".s.signature.was.verified.",
                 "  s = signature was verified "},
-        {"  m = entry is listed in manifest",
+        {".m.entry.is.listed.in.manifest",
                 "  m = entry is listed in manifest"},
-        {"  k = at least one certificate was found in keystore",
+        {".k.at.least.one.certificate.was.found.in.keystore",
                 "  k = at least one certificate was found in keystore"},
-        {"  i = at least one certificate was found in identity scope",
+        {".i.at.least.one.certificate.was.found.in.identity.scope",
                 "  i = at least one certificate was found in identity scope"},
-        {"  X = not signed by specified alias(es)",
+        {".X.not.signed.by.specified.alias.es.",
                 "  X = not signed by specified alias(es)"},
-        {"no manifest.", "no manifest."},
-        {"(Signature related entries)","(Signature related entries)"},
-        {"(Unsigned entries)", "(Unsigned entries)"},
-        {"jar is unsigned. (signatures missing or not parsable)",
+        {"no.manifest.", "no manifest."},
+        {".Signature.related.entries.","(Signature related entries)"},
+        {".Unsigned.entries.", "(Unsigned entries)"},
+        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
                 "jar is unsigned. (signatures missing or not parsable)"},
-        {"jar verified.", "jar verified."},
-        {"jarsigner: ", "jarsigner: "},
-        {"signature filename must consist of the following characters: A-Z, 0-9, _ or -",
+        {"jar.verified.", "jar verified."},
+        {"jarsigner.", "jarsigner: "},
+        {"signature.filename.must.consist.of.the.following.characters.A.Z.0.9.or.",
                 "signature filename must consist of the following characters: A-Z, 0-9, _ or -"},
-        {"unable to open jar file: ", "unable to open jar file: "},
-        {"unable to create: ", "unable to create: "},
-        {"   adding: ", "   adding: "},
-        {" updating: ", " updating: "},
-        {"  signing: ", "  signing: "},
-        {"attempt to rename signedJarFile to jarFile failed",
+        {"unable.to.open.jar.file.", "unable to open jar file: "},
+        {"unable.to.create.", "unable to create: "},
+        {".adding.", "   adding: "},
+        {".updating.", " updating: "},
+        {".signing.", "  signing: "},
+        {"attempt.to.rename.signedJarFile.to.jarFile.failed",
                 "attempt to rename {0} to {1} failed"},
-        {"attempt to rename jarFile to origJar failed",
+        {"attempt.to.rename.jarFile.to.origJar.failed",
                 "attempt to rename {0} to {1} failed"},
-        {"unable to sign jar: ", "unable to sign jar: "},
-        {"Enter Passphrase for keystore: ", "Enter Passphrase for keystore: "},
-        {"keystore load: ", "keystore load: "},
-        {"certificate exception: ", "certificate exception: "},
-        {"unable to instantiate keystore class: ",
+        {"unable.to.sign.jar.", "unable to sign jar: "},
+        {"Enter.Passphrase.for.keystore.", "Enter Passphrase for keystore: "},
+        {"keystore.load.", "keystore load: "},
+        {"certificate.exception.", "certificate exception: "},
+        {"unable.to.instantiate.keystore.class.",
                 "unable to instantiate keystore class: "},
-        {"Certificate chain not found for: alias.  alias must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain.",
+        {"Certificate.chain.not.found.for.alias.alias.must.reference.a.valid.KeyStore.key.entry.containing.a.private.key.and",
                 "Certificate chain not found for: {0}.  {1} must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain."},
-        {"File specified by -certchain does not exist",
+        {"File.specified.by.certchain.does.not.exist",
                 "File specified by -certchain does not exist"},
-        {"Cannot restore certchain from file specified",
+        {"Cannot.restore.certchain.from.file.specified",
                 "Cannot restore certchain from file specified"},
-        {"Certificate chain not found in the file specified.",
+        {"Certificate.chain.not.found.in.the.file.specified.",
                 "Certificate chain not found in the file specified."},
-        {"found non-X.509 certificate in signer's chain",
+        {"found.non.X.509.certificate.in.signer.s.chain",
                 "found non-X.509 certificate in signer's chain"},
-        {"incomplete certificate chain", "incomplete certificate chain"},
-        {"Enter key password for alias: ", "Enter key password for {0}: "},
-        {"unable to recover key from keystore",
+        {"incomplete.certificate.chain", "incomplete certificate chain"},
+        {"Enter.key.password.for.alias.", "Enter key password for {0}: "},
+        {"unable.to.recover.key.from.keystore",
                 "unable to recover key from keystore"},
-        {"key associated with alias not a private key",
+        {"key.associated.with.alias.not.a.private.key",
                 "key associated with {0} not a private key"},
-        {"you must enter key password", "you must enter key password"},
-        {"unable to read password: ", "unable to read password: "},
-        {"certificate is valid from", "certificate is valid from {0} to {1}"},
-        {"certificate expired on", "certificate expired on {0}"},
-        {"certificate is not valid until",
+        {"you.must.enter.key.password", "you must enter key password"},
+        {"unable.to.read.password.", "unable to read password: "},
+        {"certificate.is.valid.from", "certificate is valid from {0} to {1}"},
+        {"certificate.expired.on", "certificate expired on {0}"},
+        {"certificate.is.not.valid.until",
                 "certificate is not valid until {0}"},
-        {"certificate will expire on", "certificate will expire on {0}"},
-        {"[CertPath not validated: ", "[CertPath not validated: "},
-        {"requesting a signature timestamp",
+        {"certificate.will.expire.on", "certificate will expire on {0}"},
+        {".CertPath.not.validated.", "[CertPath not validated: "},
+        {"requesting.a.signature.timestamp",
                 "requesting a signature timestamp"},
-        {"TSA location: ", "TSA location: "},
-        {"TSA certificate: ", "TSA certificate: "},
-        {"no response from the Timestamping Authority. ",
+        {"TSA.location.", "TSA location: "},
+        {"TSA.certificate.", "TSA certificate: "},
+        {"no.response.from.the.Timestamping.Authority.",
                 "no response from the Timestamping Authority. "},
-        {"When connecting from behind a firewall then an HTTP proxy may need to be specified. ",
+        {"When.connecting.from.behind.a.firewall.then.an.HTTP.proxy.may.need.to.be.specified.",
                 "When connecting from behind a firewall then an HTTP proxy may need to be specified. "},
-        {"Supply the following options to jarsigner: ",
+        {"Supply.the.following.options.to.jarsigner.",
                 "Supply the following options to jarsigner: "},
-        {"Certificate not found for: alias.  alias must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority.",
+        {"Certificate.not.found.for.alias.alias.must.reference.a.valid.KeyStore.entry.containing.an.X.509.public.key.certificate.for.the",
                 "Certificate not found for: {0}.  {1} must reference a valid KeyStore entry containing an X.509 public key certificate for the Timestamping Authority."},
-        {"using an alternative signing mechanism",
+        {"using.an.alternative.signing.mechanism",
                 "using an alternative signing mechanism"},
-        {"entry was signed on", "entry was signed on {0}"},
-        {"with a CRL including %d entries", "with a CRL including %d entries"},
-        {"Warning: ", "Warning: "},
-        {"This jar contains unsigned entries which have not been integrity-checked. ",
+        {"entry.was.signed.on", "entry was signed on {0}"},
+        {"with.a.CRL.including.d.entries", "with a CRL including %d entries"},
+        {"Warning.", "Warning: "},
+        {"This.jar.contains.unsigned.entries.which.have.not.been.integrity.checked.",
                 "This jar contains unsigned entries which have not been integrity-checked. "},
-        {"This jar contains entries whose signer certificate has expired. ",
+        {"This.jar.contains.entries.whose.signer.certificate.has.expired.",
                 "This jar contains entries whose signer certificate has expired. "},
-        {"This jar contains entries whose signer certificate will expire within six months. ",
+        {"This.jar.contains.entries.whose.signer.certificate.will.expire.within.six.months.",
                 "This jar contains entries whose signer certificate will expire within six months. "},
-        {"This jar contains entries whose signer certificate is not yet valid. ",
+        {"This.jar.contains.entries.whose.signer.certificate.is.not.yet.valid.",
                 "This jar contains entries whose signer certificate is not yet valid. "},
-        {"Re-run with the -verbose option for more details.",
+        {"Re.run.with.the.verbose.option.for.more.details.",
                 "Re-run with the -verbose option for more details."},
-        {"Re-run with the -verbose and -certs options for more details.",
+        {"Re.run.with.the.verbose.and.certs.options.for.more.details.",
                 "Re-run with the -verbose and -certs options for more details."},
-        {"The signer certificate has expired.",
+        {"The.signer.certificate.has.expired.",
                 "The signer certificate has expired."},
-        {"The signer certificate will expire within six months.",
+        {"The.signer.certificate.will.expire.within.six.months.",
                 "The signer certificate will expire within six months."},
-        {"The signer certificate is not yet valid.",
+        {"The.signer.certificate.is.not.yet.valid.",
                 "The signer certificate is not yet valid."},
-        {"The signer certificate's KeyUsage extension doesn't allow code signing.",
+        {"The.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
                  "The signer certificate's KeyUsage extension doesn't allow code signing."},
-        {"The signer certificate's ExtendedKeyUsage extension doesn't allow code signing.",
+        {"The.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
                  "The signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
-        {"The signer certificate's NetscapeCertType extension doesn't allow code signing.",
+        {"The.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
                  "The signer certificate's NetscapeCertType extension doesn't allow code signing."},
-        {"This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing.",
+        {"This.jar.contains.entries.whose.signer.certificate.s.KeyUsage.extension.doesn.t.allow.code.signing.",
                  "This jar contains entries whose signer certificate's KeyUsage extension doesn't allow code signing."},
-        {"This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing.",
+        {"This.jar.contains.entries.whose.signer.certificate.s.ExtendedKeyUsage.extension.doesn.t.allow.code.signing.",
                  "This jar contains entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing."},
-        {"This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing.",
+        {"This.jar.contains.entries.whose.signer.certificate.s.NetscapeCertType.extension.doesn.t.allow.code.signing.",
                  "This jar contains entries whose signer certificate's NetscapeCertType extension doesn't allow code signing."},
-        {"[{0} extension does not support code signing]",
+        {".{0}.extension.does.not.support.code.signing.",
                  "[{0} extension does not support code signing]"},
-        {"The signer's certificate chain is not validated.",
+        {"The.signer.s.certificate.chain.is.not.validated.",
                 "The signer's certificate chain is not validated."},
-        {"This jar contains entries whose certificate chain is not validated.",
+        {"This.jar.contains.entries.whose.certificate.chain.is.not.validated.",
                  "This jar contains entries whose certificate chain is not validated."},
     };
 
--- a/src/share/classes/sun/security/tools/KeyTool.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/tools/KeyTool.java	Thu Nov 11 15:51:12 2010 +0800
@@ -160,82 +160,82 @@
     private List <String> v3ext = new ArrayList <String> ();
 
     enum Command {
-        CERTREQ("Generates a certificate request",
+        CERTREQ("Generates.a.certificate.request",
             ALIAS, SIGALG, FILEOUT, KEYPASS, KEYSTORE, DNAME,
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        CHANGEALIAS("Changes an entry's alias",
+        CHANGEALIAS("Changes.an.entry.s.alias",
             ALIAS, DESTALIAS, KEYPASS, KEYSTORE, STOREPASS,
             STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V, PROTECTED),
-        DELETE("Deletes an entry",
+        DELETE("Deletes.an.entry",
             ALIAS, KEYSTORE, STOREPASS, STORETYPE,
             PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V, PROTECTED),
-        EXPORTCERT("Exports certificate",
+        EXPORTCERT("Exports.certificate",
             RFC, ALIAS, FILEOUT, KEYSTORE, STOREPASS,
             STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V, PROTECTED),
-        GENKEYPAIR("Generates a key pair",
+        GENKEYPAIR("Generates.a.key.pair",
             ALIAS, KEYALG, KEYSIZE, SIGALG, DESTALIAS, DNAME,
             STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        GENSECKEY("Generates a secret key",
+        GENSECKEY("Generates.a.secret.key",
             ALIAS, KEYPASS, KEYALG, KEYSIZE, KEYSTORE,
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        GENCERT("Generates certificate from a certificate request",
+        GENCERT("Generates.certificate.from.a.certificate.request",
             RFC, INFILE, OUTFILE, ALIAS, SIGALG, DNAME,
             STARTDATE, EXT, VALIDITY, KEYPASS, KEYSTORE,
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        IMPORTCERT("Imports a certificate or a certificate chain",
+        IMPORTCERT("Imports.a.certificate.or.a.certificate.chain",
             NOPROMPT, TRUSTCACERTS, PROTECTED, ALIAS, FILEIN,
             KEYPASS, KEYSTORE, STOREPASS, STORETYPE,
             PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V),
-        IMPORTKEYSTORE("Imports one or all entries from another keystore",
+        IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore",
             SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE,
             DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS,
             SRCPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
             SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS,
             NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH,
             V),
-        KEYPASSWD("Changes the key password of an entry",
+        KEYPASSWD("Changes.the.key.password.of.an.entry",
             ALIAS, KEYPASS, NEW, KEYSTORE, STOREPASS,
             STORETYPE, PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V),
-        LIST("Lists entries in a keystore",
+        LIST("Lists.entries.in.a.keystore",
             RFC, ALIAS, KEYSTORE, STOREPASS, STORETYPE,
             PROVIDERNAME, PROVIDERCLASS, PROVIDERARG,
             PROVIDERPATH, V, PROTECTED),
-        PRINTCERT("Prints the content of a certificate",
+        PRINTCERT("Prints.the.content.of.a.certificate",
             RFC, FILEIN, SSLSERVER, JARFILE, V),
-        PRINTCERTREQ("Prints the content of a certificate request",
+        PRINTCERTREQ("Prints.the.content.of.a.certificate.request",
             FILEIN, V),
-        PRINTCRL("Prints the content of a CRL file",
+        PRINTCRL("Prints.the.content.of.a.CRL.file",
             FILEIN, V),
-        STOREPASSWD("Changes the store password of a keystore",
+        STOREPASSWD("Changes.the.store.password.of.a.keystore",
             NEW, KEYSTORE, STOREPASS, STORETYPE, PROVIDERNAME,
             PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
 
         // Undocumented start here, KEYCLONE is used a marker in -help;
 
-        KEYCLONE("Clones a key entry",
+        KEYCLONE("Clones.a.key.entry",
             ALIAS, DESTALIAS, KEYPASS, NEW, STORETYPE,
             KEYSTORE, STOREPASS, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V),
-        SELFCERT("Generates a self-signed certificate",
+        SELFCERT("Generates.a.self.signed.certificate",
             ALIAS, SIGALG, DNAME, STARTDATE, VALIDITY, KEYPASS,
             STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
             PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V),
-        GENCRL("Generates CRL",
+        GENCRL("Generates.CRL",
             RFC, FILEOUT, ID,
             ALIAS, SIGALG, EXT, KEYPASS, KEYSTORE,
             STOREPASS, STORETYPE, PROVIDERNAME, PROVIDERCLASS,
             PROVIDERARG, PROVIDERPATH, V, PROTECTED),
-        IDENTITYDB("Imports entries from a JDK 1.1.x-style identity database",
+        IDENTITYDB("Imports.entries.from.a.JDK.1.1.x.style.identity.database",
             FILEIN, STORETYPE, KEYSTORE, STOREPASS, PROVIDERNAME,
             PROVIDERCLASS, PROVIDERARG, PROVIDERPATH, V);
 
@@ -252,49 +252,49 @@
     };
 
     enum Option {
-        ALIAS("alias", "<alias>", "alias name of the entry to process"),
-        DESTALIAS("destalias", "<destalias>", "destination alias"),
-        DESTKEYPASS("destkeypass", "<arg>", "destination key password"),
-        DESTKEYSTORE("destkeystore", "<destkeystore>", "destination keystore name"),
-        DESTPROTECTED("destprotected", null, "destination keystore password protected"),
-        DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination keystore provider name"),
-        DESTSTOREPASS("deststorepass", "<arg>", "destination keystore password"),
-        DESTSTORETYPE("deststoretype", "<deststoretype>", "destination keystore type"),
-        DNAME("dname", "<dname>", "distinguished name"),
-        EXT("ext", "<value>", "X.509 extension"),
-        FILEOUT("file", "<filename>", "output file name"),
-        FILEIN("file", "<filename>", "input file name"),
-        ID("id", "<id:reason>", "Serial ID of cert to revoke"),
-        INFILE("infile", "<filename>", "input file name"),
-        KEYALG("keyalg", "<keyalg>", "key algorithm name"),
-        KEYPASS("keypass", "<arg>", "key password"),
-        KEYSIZE("keysize", "<keysize>", "key bit size"),
-        KEYSTORE("keystore", "<keystore>", "keystore name"),
-        NEW("new", "<arg>", "new password"),
-        NOPROMPT("noprompt", null, "do not prompt"),
-        OUTFILE("outfile", "<filename>", "output file name"),
-        PROTECTED("protected", null, "password through protected mechanism"),
-        PROVIDERARG("providerarg", "<arg>", "provider argument"),
-        PROVIDERCLASS("providerclass", "<providerclass>", "provider class name"),
-        PROVIDERNAME("providername", "<providername>", "provider name"),
-        PROVIDERPATH("providerpath", "<pathlist>", "provider classpath"),
-        RFC("rfc", null, "output in RFC style"),
-        SIGALG("sigalg", "<sigalg>", "signature algorithm name"),
-        SRCALIAS("srcalias", "<srcalias>", "source alias"),
-        SRCKEYPASS("srckeypass", "<arg>", "source key password"),
-        SRCKEYSTORE("srckeystore", "<srckeystore>", "source keystore name"),
-        SRCPROTECTED("srcprotected", null, "source keystore password protected"),
-        SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source keystore provider name"),
-        SRCSTOREPASS("srcstorepass", "<arg>", "source keystore password"),
-        SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source keystore type"),
-        SSLSERVER("sslserver", "<server[:port]>", "SSL server host and port"),
-        JARFILE("jarfile", "<filename>", "signed jar file"),
-        STARTDATE("startdate", "<startdate>", "certificate validity start date/time"),
-        STOREPASS("storepass", "<arg>", "keystore password"),
-        STORETYPE("storetype", "<storetype>", "keystore type"),
-        TRUSTCACERTS("trustcacerts", null, "trust certificates from cacerts"),
-        V("v", null, "verbose output"),
-        VALIDITY("validity", "<valDays>", "validity number of days");
+        ALIAS("alias", "<alias>", "alias.name.of.the.entry.to.process"),
+        DESTALIAS("destalias", "<destalias>", "destination.alias"),
+        DESTKEYPASS("destkeypass", "<arg>", "destination.key.password"),
+        DESTKEYSTORE("destkeystore", "<destkeystore>", "destination.keystore.name"),
+        DESTPROTECTED("destprotected", null, "destination.keystore.password.protected"),
+        DESTPROVIDERNAME("destprovidername", "<destprovidername>", "destination.keystore.provider.name"),
+        DESTSTOREPASS("deststorepass", "<arg>", "destination.keystore.password"),
+        DESTSTORETYPE("deststoretype", "<deststoretype>", "destination.keystore.type"),
+        DNAME("dname", "<dname>", "distinguished.name"),
+        EXT("ext", "<value>", "X.509.extension"),
+        FILEOUT("file", "<filename>", "output.file.name"),
+        FILEIN("file", "<filename>", "input.file.name"),
+        ID("id", "<id:reason>", "Serial.ID.of.cert.to.revoke"),
+        INFILE("infile", "<filename>", "input.file.name"),
+        KEYALG("keyalg", "<keyalg>", "key.algorithm.name"),
+        KEYPASS("keypass", "<arg>", "key.password"),
+        KEYSIZE("keysize", "<keysize>", "key.bit.size"),
+        KEYSTORE("keystore", "<keystore>", "keystore.name"),
+        NEW("new", "<arg>", "new.password"),
+        NOPROMPT("noprompt", null, "do.not.prompt"),
+        OUTFILE("outfile", "<filename>", "output.file.name"),
+        PROTECTED("protected", null, "password.through.protected.mechanism"),
+        PROVIDERARG("providerarg", "<arg>", "provider.argument"),
+        PROVIDERCLASS("providerclass", "<providerclass>", "provider.class.name"),
+        PROVIDERNAME("providername", "<providername>", "provider.name"),
+        PROVIDERPATH("providerpath", "<pathlist>", "provider.classpath"),
+        RFC("rfc", null, "output.in.RFC.style"),
+        SIGALG("sigalg", "<sigalg>", "signature.algorithm.name"),
+        SRCALIAS("srcalias", "<srcalias>", "source.alias"),
+        SRCKEYPASS("srckeypass", "<arg>", "source.key.password"),
+        SRCKEYSTORE("srckeystore", "<srckeystore>", "source.keystore.name"),
+        SRCPROTECTED("srcprotected", null, "source.keystore.password.protected"),
+        SRCPROVIDERNAME("srcprovidername", "<srcprovidername>", "source.keystore.provider.name"),
+        SRCSTOREPASS("srcstorepass", "<arg>", "source.keystore.password"),
+        SRCSTORETYPE("srcstoretype", "<srcstoretype>", "source.keystore.type"),
+        SSLSERVER("sslserver", "<server[:port]>", "SSL.server.host.and.port"),
+        JARFILE("jarfile", "<filename>", "signed.jar.file"),
+        STARTDATE("startdate", "<startdate>", "certificate.validity.start.date.time"),
+        STOREPASS("storepass", "<arg>", "keystore.password"),
+        STORETYPE("storetype", "<storetype>", "keystore.type"),
+        TRUSTCACERTS("trustcacerts", null, "trust.certificates.from.cacerts"),
+        V("v", null, "verbose.output"),
+        VALIDITY("validity", "<valDays>", "validity.number.of.days");
 
         final String name, arg, description;
         Option(String name, String arg, String description) {
@@ -339,7 +339,7 @@
                 doCommands(out);
             }
         } catch (Exception e) {
-            System.out.println(rb.getString("keytool error: ") + e);
+            System.out.println(rb.getString("keytool.error.") + e);
             if (verbose) {
                 e.printStackTrace(System.out);
             }
@@ -532,13 +532,13 @@
             } else if (collator.compare(flags, "-srcprotected") == 0) {
                 srcprotectedPath = true;
             } else  {
-                System.err.println(rb.getString("Illegal option:  ") + flags);
+                System.err.println(rb.getString("Illegal.option.") + flags);
                 tinyHelp();
             }
         }
 
         if (i<args.length) {
-            System.err.println(rb.getString("Illegal option:  ") + args[i]);
+            System.err.println(rb.getString("Illegal.option.") + args[i]);
             tinyHelp();
         }
 
@@ -546,7 +546,7 @@
             if (help) {
                 usage();
             } else {
-                System.err.println(rb.getString("Usage error: no command provided"));
+                System.err.println(rb.getString("Usage.error.no.command.provided"));
                 tinyHelp();
             }
         } else if (help) {
@@ -587,7 +587,7 @@
 
         if (token && !nullStream) {
             System.err.println(MessageFormat.format(rb.getString
-                ("-keystore must be NONE if -storetype is {0}"), storetype));
+                (".keystore.must.be.NONE.if.storetype.is.{0}"), storetype));
             System.err.println();
             tinyHelp();
         }
@@ -595,38 +595,31 @@
         if (token &&
             (command == KEYPASSWD || command == STOREPASSWD)) {
             throw new UnsupportedOperationException(MessageFormat.format(rb.getString
-                        ("-storepasswd and -keypasswd commands not supported " +
-                        "if -storetype is {0}"), storetype));
+                        (".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}"), storetype));
         }
 
         if (P12KEYSTORE.equalsIgnoreCase(storetype) && command == KEYPASSWD) {
             throw new UnsupportedOperationException(rb.getString
-                        ("-keypasswd commands not supported " +
-                        "if -storetype is PKCS12"));
+                        (".keypasswd.commands.not.supported.if.storetype.is.PKCS12"));
         }
 
         if (token && (keyPass != null || newPass != null || destKeyPass != null)) {
             throw new IllegalArgumentException(MessageFormat.format(rb.getString
-                ("-keypass and -new " +
-                "can not be specified if -storetype is {0}"), storetype));
+                (".keypass.and.new.can.not.be.specified.if.storetype.is.{0}"), storetype));
         }
 
         if (protectedPath) {
             if (storePass != null || keyPass != null ||
                     newPass != null || destKeyPass != null) {
                 throw new IllegalArgumentException(rb.getString
-                        ("if -protected is specified, " +
-                        "then -storepass, -keypass, and -new " +
-                        "must not be specified"));
+                        ("if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified"));
             }
         }
 
         if (srcprotectedPath) {
             if (srcstorePass != null || srckeyPass != null) {
                 throw new IllegalArgumentException(rb.getString
-                        ("if -srcprotected is specified, " +
-                        "then -srcstorepass and -srckeypass " +
-                        "must not be specified"));
+                        ("if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified"));
             }
         }
 
@@ -634,24 +627,20 @@
             if (storePass != null || keyPass != null ||
                     newPass != null || destKeyPass != null) {
                 throw new IllegalArgumentException(rb.getString
-                        ("if keystore is not password protected, " +
-                        "then -storepass, -keypass, and -new " +
-                        "must not be specified"));
+                        ("if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified"));
             }
         }
 
         if (KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
             if (srcstorePass != null || srckeyPass != null) {
                 throw new IllegalArgumentException(rb.getString
-                        ("if source keystore is not password protected, " +
-                        "then -srcstorepass and -srckeypass " +
-                        "must not be specified"));
+                        ("if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified"));
             }
         }
 
         if (validity <= (long)0) {
             throw new Exception
-                (rb.getString("Validity must be greater than zero"));
+                (rb.getString("Validity.must.be.greater.than.zero"));
         }
 
         // Try to load and install specified provider
@@ -690,7 +679,7 @@
                 }
                 if (!(obj instanceof Provider)) {
                     MessageFormat form = new MessageFormat
-                        (rb.getString("provName not a provider"));
+                        (rb.getString("provName.not.a.provider"));
                     Object[] source = {provName};
                     throw new Exception(form.format(source));
                 }
@@ -700,22 +689,22 @@
 
         if (command == LIST && verbose && rfc) {
             System.err.println(rb.getString
-                ("Must not specify both -v and -rfc with 'list' command"));
+                ("Must.not.specify.both.v.and.rfc.with.list.command"));
             tinyHelp();
         }
 
         // Make sure provided passwords are at least 6 characters long
         if (command == GENKEYPAIR && keyPass!=null && keyPass.length < 6) {
             throw new Exception(rb.getString
-                ("Key password must be at least 6 characters"));
+                ("Key.password.must.be.at.least.6.characters"));
         }
         if (newPass != null && newPass.length < 6) {
             throw new Exception(rb.getString
-                ("New password must be at least 6 characters"));
+                ("New.password.must.be.at.least.6.characters"));
         }
         if (destKeyPass != null && destKeyPass.length < 6) {
             throw new Exception(rb.getString
-                ("New password must be at least 6 characters"));
+                ("New.password.must.be.at.least.6.characters"));
         }
 
         // Check if keystore exists.
@@ -735,7 +724,7 @@
                     // Check if keystore file is empty
                     if (ksfile.exists() && ksfile.length() == 0) {
                         throw new Exception(rb.getString
-                        ("Keystore file exists, but is empty: ") + ksfname);
+                        ("Keystore.file.exists.but.is.empty.") + ksfname);
                     }
                     ksStream = new FileInputStream(ksfile);
                 } catch (FileNotFoundException e) {
@@ -746,7 +735,7 @@
                         command != IMPORTKEYSTORE &&
                         command != PRINTCRL) {
                         throw new Exception(rb.getString
-                                ("Keystore file does not exist: ") + ksfname);
+                                ("Keystore.file.does.not.exist.") + ksfname);
                     }
                 }
             }
@@ -757,14 +746,14 @@
             dest = getAlias("destination");
             if ("".equals(dest)) {
                 throw new Exception(rb.getString
-                        ("Must specify destination alias"));
+                        ("Must.specify.destination.alias"));
             }
         }
 
         if (command == DELETE && alias == null) {
             alias = getAlias(null);
             if ("".equals(alias)) {
-                throw new Exception(rb.getString("Must specify alias"));
+                throw new Exception(rb.getString("Must.specify.alias"));
             }
         }
 
@@ -812,7 +801,7 @@
             // insist that the password be at least 6 characters
             if (ksStream == null && storePass.length < 6) {
                 throw new Exception(rb.getString
-                        ("Keystore password must be at least 6 characters"));
+                        ("Keystore.password.must.be.at.least.6.characters"));
             }
         } else if (storePass == null) {
 
@@ -835,10 +824,10 @@
                 do {
                     if (command == IMPORTKEYSTORE) {
                         System.err.print
-                                (rb.getString("Enter destination keystore password:  "));
+                                (rb.getString("Enter.destination.keystore.password."));
                     } else {
                         System.err.print
-                                (rb.getString("Enter keystore password:  "));
+                                (rb.getString("Enter.keystore.password."));
                     }
                     System.err.flush();
                     storePass = Password.readPassword(System.in);
@@ -848,20 +837,19 @@
                     // insist that the password be at least 6 characters
                     if (!nullStream && (storePass == null || storePass.length < 6)) {
                         System.err.println(rb.getString
-                                ("Keystore password is too short - " +
-                                "must be at least 6 characters"));
+                                ("Keystore.password.is.too.short.must.be.at.least.6.characters"));
                         storePass = null;
                     }
 
                     // If the keystore file does not exist and needs to be
                     // created, the storepass should be prompted twice.
                     if (storePass != null && !nullStream && ksStream == null) {
-                        System.err.print(rb.getString("Re-enter new password: "));
+                        System.err.print(rb.getString("Re.enter.new.password."));
                         char[] storePassAgain = Password.readPassword(System.in);
                         passwords.add(storePassAgain);
                         if (!Arrays.equals(storePass, storePassAgain)) {
                             System.err.println
-                                (rb.getString("They don't match. Try again"));
+                                (rb.getString("They.don.t.match.Try.again"));
                             storePass = null;
                         }
                     }
@@ -872,7 +860,7 @@
 
                 if (storePass == null) {
                     System.err.println
-                        (rb.getString("Too many failures - try later"));
+                        (rb.getString("Too.many.failures.try.later"));
                     return;
                 }
             } else if (!protectedPath
@@ -880,7 +868,7 @@
                     && isKeyStoreRelated(command)) {
                 // here we have EXPORTCERT and LIST (info valid until STOREPASSWD)
                 if (command != PRINTCRL) {
-                    System.err.print(rb.getString("Enter keystore password:  "));
+                    System.err.print(rb.getString("Enter.keystore.password."));
                     System.err.flush();
                     storePass = Password.readPassword(System.in);
                     passwords.add(storePass);
@@ -900,8 +888,7 @@
 
         if (storePass != null && P12KEYSTORE.equalsIgnoreCase(storetype)) {
             MessageFormat form = new MessageFormat(rb.getString(
-                "Warning:  Different store and key passwords not supported " +
-                "for PKCS12 KeyStores. Ignoring user-specified <command> value."));
+                "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
             if (keyPass != null && !Arrays.equals(storePass, keyPass)) {
                 Object[] source = {"-keypass"};
                 System.err.println(form.format(source));
@@ -946,10 +933,10 @@
             }
             if (verbose && filename != null) {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Certification request stored in file <filename>"));
+                        ("Certification.request.stored.in.file.filename."));
                 Object[] source = {filename};
                 System.err.println(form.format(source));
-                System.err.println(rb.getString("Submit this to your CA"));
+                System.err.println(rb.getString("Submit.this.to.your.CA"));
             }
         } else if (command == DELETE) {
             doDeleteEntry(alias);
@@ -970,7 +957,7 @@
             }
             if (filename != null) {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate stored in file <filename>"));
+                        ("Certificate.stored.in.file.filename."));
                 Object[] source = {filename};
                 System.err.println(form.format(source));
             }
@@ -1010,10 +997,10 @@
                     kssave = installReply(importAlias, inStream);
                     if (kssave) {
                         System.err.println(rb.getString
-                            ("Certificate reply was installed in keystore"));
+                            ("Certificate.reply.was.installed.in.keystore"));
                     } else {
                         System.err.println(rb.getString
-                            ("Certificate reply was not installed in keystore"));
+                            ("Certificate.reply.was.not.installed.in.keystore"));
                     }
                 } else if (!keyStore.containsAlias(importAlias) ||
                         keyStore.entryInstanceOf(importAlias,
@@ -1021,10 +1008,10 @@
                     kssave = addTrustedCert(importAlias, inStream);
                     if (kssave) {
                         System.err.println(rb.getString
-                            ("Certificate was added to keystore"));
+                            ("Certificate.was.added.to.keystore"));
                     } else {
                         System.err.println(rb.getString
-                            ("Certificate was not added to keystore"));
+                            ("Certificate.was.not.added.to.keystore"));
                     }
                 }
             } finally {
@@ -1044,14 +1031,13 @@
             }
             if (keyStore.containsAlias(alias) == false) {
                 MessageFormat form = new MessageFormat
-                    (rb.getString("Alias <alias> does not exist"));
+                    (rb.getString("Alias.alias.does.not.exist"));
                 Object[] source = {alias};
                 throw new Exception(form.format(source));
             }
             if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
                 MessageFormat form = new MessageFormat(rb.getString(
-                        "Alias <alias> references an entry type that is not a private key entry.  " +
-                        "The -keyclone command only supports cloning of private key entries"));
+                        "Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key"));
                 Object[] source = {alias};
                 throw new Exception(form.format(source));
             }
@@ -1148,7 +1134,7 @@
         if (kssave) {
             if (verbose) {
                 MessageFormat form = new MessageFormat
-                        (rb.getString("[Storing ksfname]"));
+                        (rb.getString(".Storing.ksfname."));
                 Object[] source = {nullStream ? "keystore" : ksfname};
                 System.err.println(form.format(source));
             }
@@ -1336,7 +1322,7 @@
         Certificate cert = keyStore.getCertificate(alias);
         if (cert == null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("alias has no public key (certificate)"));
+                (rb.getString("alias.has.no.public.key.certificate."));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1368,7 +1354,7 @@
     private void doDeleteEntry(String alias) throws Exception {
         if (keyStore.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> does not exist"));
+                (rb.getString("Alias.alias.does.not.exist"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1390,7 +1376,7 @@
         }
         if (keyStore.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> does not exist"));
+                (rb.getString("Alias.alias.does.not.exist"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1398,7 +1384,7 @@
         X509Certificate cert = (X509Certificate)keyStore.getCertificate(alias);
         if (cert == null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> has no certificate"));
+                (rb.getString("Alias.alias.has.no.certificate"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1419,15 +1405,15 @@
             int count;
             for (count = 0; count < 3; count++) {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter key password for <alias>"));
+                        ("Enter.key.password.for.alias."));
                 Object[] source = {alias};
                 System.err.println(form.format(source));
                 if (orig == null) {
                     System.err.print(rb.getString
-                            ("\t(RETURN if same as keystore password):  "));
+                            (".RETURN.if.same.as.keystore.password."));
                 } else {
                     form = new MessageFormat(rb.getString
-                            ("\t(RETURN if same as for <otherAlias>)"));
+                            (".RETURN.if.same.as.for.otherAlias."));
                     Object[] src = {orig};
                     System.err.print(form.format(src));
                 }
@@ -1437,27 +1423,27 @@
                 if (entered == null) {
                     return origPass;
                 } else if (entered.length >= 6) {
-                    System.err.print(rb.getString("Re-enter new password: "));
+                    System.err.print(rb.getString("Re.enter.new.password."));
                     char[] passAgain = Password.readPassword(System.in);
                     passwords.add(passAgain);
                     if (!Arrays.equals(entered, passAgain)) {
                         System.err.println
-                            (rb.getString("They don't match. Try again"));
+                            (rb.getString("They.don.t.match.Try.again"));
                         continue;
                     }
                     return entered;
                 } else {
                     System.err.println(rb.getString
-                        ("Key password is too short - must be at least 6 characters"));
+                        ("Key.password.is.too.short.must.be.at.least.6.characters"));
                 }
             }
             if (count == 3) {
                 if (command == KEYCLONE) {
                     throw new Exception(rb.getString
-                        ("Too many failures. Key entry not cloned"));
+                        ("Too.many.failures.Key.entry.not.cloned"));
                 } else {
                     throw new Exception(rb.getString
-                            ("Too many failures - key not added to keystore"));
+                            ("Too.many.failures.key.not.added.to.keystore"));
                 }
             }
         }
@@ -1475,7 +1461,7 @@
         }
         if (keyStore.containsAlias(alias)) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Secret key not generated, alias <alias> already exists"));
+                ("Secret.key.not.generated.alias.alias.already.exists"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1490,7 +1476,7 @@
             keygen.init(168);
         } else {
             throw new Exception(rb.getString
-                ("Please provide -keysize for secret key generation"));
+                ("Please.provide.keysize.for.secret.key.generation"));
         }
 
         secKey = keygen.generateKey();
@@ -1514,7 +1500,7 @@
             return "SHA256withECDSA";
         } else {
             throw new Exception(rb.getString
-                    ("Cannot derive signature algorithm"));
+                    ("Cannot.derive.signature.algorithm"));
         }
     }
     /**
@@ -1540,7 +1526,7 @@
 
         if (keyStore.containsAlias(alias)) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Key pair not generated, alias <alias> already exists"));
+                ("Key.pair.not.generated.alias.alias.already.exists"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -1569,8 +1555,7 @@
 
         if (verbose) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Generating keysize bit keyAlgName key pair and self-signed certificate " +
-                    "(sigAlgName) with a validity of validality days\n\tfor: x500Name"));
+                ("Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for"));
             Object[] source = {new Integer(keysize),
                                 privKey.getAlgorithm(),
                                 chain[0].getSigAlgName(),
@@ -1603,7 +1588,7 @@
 
         if (keyStore.containsAlias(dest)) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Destination alias <dest> already exists"));
+                (rb.getString("Destination.alias.dest.already.exists"));
             Object[] source = {dest};
             throw new Exception(form.format(source));
         }
@@ -1644,7 +1629,7 @@
 
         if (keyPassNew == null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("key password for <alias>"));
+                (rb.getString("key.password.for.alias."));
             Object[] source = {alias};
             keyPassNew = getNewPasswd(form.format(source), keyPass);
         }
@@ -1661,7 +1646,7 @@
         throws Exception
     {
         System.err.println(rb.getString
-            ("No entries from identity database added"));
+            ("No.entries.from.identity.database.added"));
     }
 
     /**
@@ -1678,32 +1663,32 @@
 
         if (keyStore.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> does not exist"));
+                (rb.getString("Alias.alias.does.not.exist"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
 
         if (verbose || rfc || debug) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias name: alias"));
+                (rb.getString("Alias.name.alias"));
             Object[] source = {alias};
             out.println(form.format(source));
 
             if (!token) {
                 form = new MessageFormat(rb.getString
-                    ("Creation date: keyStore.getCreationDate(alias)"));
+                    ("Creation.date.keyStore.getCreationDate.alias."));
                 Object[] src = {keyStore.getCreationDate(alias)};
                 out.println(form.format(src));
             }
         } else {
             if (!token) {
                 MessageFormat form = new MessageFormat
-                    (rb.getString("alias, keyStore.getCreationDate(alias), "));
+                    (rb.getString("alias.keyStore.getCreationDate.alias."));
                 Object[] source = {alias, keyStore.getCreationDate(alias)};
                 out.print(form.format(source));
             } else {
                 MessageFormat form = new MessageFormat
-                    (rb.getString("alias, "));
+                    (rb.getString("alias."));
                 Object[] source = {alias};
                 out.print(form.format(source));
             }
@@ -1713,7 +1698,7 @@
             if (verbose || rfc || debug) {
                 Object[] source = {"SecretKeyEntry"};
                 out.println(new MessageFormat(
-                        rb.getString("Entry type: <type>")).format(source));
+                        rb.getString("Entry.type.type.")).format(source));
             } else {
                 out.println("SecretKeyEntry, ");
             }
@@ -1721,7 +1706,7 @@
             if (verbose || rfc || debug) {
                 Object[] source = {"PrivateKeyEntry"};
                 out.println(new MessageFormat(
-                        rb.getString("Entry type: <type>")).format(source));
+                        rb.getString("Entry.type.type.")).format(source));
             } else {
                 out.println("PrivateKeyEntry, ");
             }
@@ -1731,10 +1716,10 @@
             if (chain != null) {
                 if (verbose || rfc || debug) {
                     out.println(rb.getString
-                        ("Certificate chain length: ") + chain.length);
+                        ("Certificate.chain.length.") + chain.length);
                     for (int i = 0; i < chain.length; i ++) {
                         MessageFormat form = new MessageFormat
-                                (rb.getString("Certificate[(i + 1)]:"));
+                                (rb.getString("Certificate.i.1."));
                         Object[] source = {new Integer((i + 1))};
                         out.println(form.format(source));
                         if (verbose && (chain[i] instanceof X509Certificate)) {
@@ -1748,7 +1733,7 @@
                 } else {
                     // Print the digest of the user cert only
                     out.println
-                        (rb.getString("Certificate fingerprint (SHA1): ") +
+                        (rb.getString("Certificate.fingerprint.SHA1.") +
                         getCertFingerPrint("SHA1", chain[0]));
                 }
             }
@@ -1757,20 +1742,20 @@
             // We have a trusted certificate entry
             Certificate cert = keyStore.getCertificate(alias);
             if (verbose && (cert instanceof X509Certificate)) {
-                out.println(rb.getString("Entry type: trustedCertEntry\n"));
+                out.println(rb.getString("Entry.type.trustedCertEntry."));
                 printX509Cert((X509Certificate)cert, out);
             } else if (rfc) {
-                out.println(rb.getString("Entry type: trustedCertEntry\n"));
+                out.println(rb.getString("Entry.type.trustedCertEntry."));
                 dumpCert(cert, out);
             } else if (debug) {
                 out.println(cert.toString());
             } else {
-                out.println(rb.getString("trustedCertEntry,"));
-                out.println(rb.getString("Certificate fingerprint (SHA1): ")
+                out.println(rb.getString("trustedCertEntry."));
+                out.println(rb.getString("Certificate.fingerprint.SHA1.")
                             + getCertFingerPrint("SHA1", cert));
             }
         } else {
-            out.println(rb.getString("Unknown Entry Type"));
+            out.println(rb.getString("Unknown.Entry.Type"));
         }
     }
 
@@ -1787,7 +1772,7 @@
                 KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
             if (!NONE.equals(srcksfname)) {
                 System.err.println(MessageFormat.format(rb.getString
-                    ("-keystore must be NONE if -storetype is {0}"), srcstoretype));
+                    (".keystore.must.be.NONE.if.storetype.is.{0}"), srcstoretype));
                 System.err.println();
                 tinyHelp();
             }
@@ -1797,13 +1782,13 @@
                 File srcksfile = new File(srcksfname);
                     if (srcksfile.exists() && srcksfile.length() == 0) {
                         throw new Exception(rb.getString
-                                ("Source keystore file exists, but is empty: ") +
+                                ("Source.keystore.file.exists.but.is.empty.") +
                                 srcksfname);
                 }
                 is = new FileInputStream(srcksfile);
             } else {
                 throw new Exception(rb.getString
-                        ("Please specify -srckeystore"));
+                        ("Please.specify.srckeystore"));
             }
         }
 
@@ -1818,7 +1803,7 @@
             if (srcstorePass == null
                     && !srcprotectedPath
                     && !KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
-                System.err.print(rb.getString("Enter source keystore password:  "));
+                System.err.print(rb.getString("Enter.source.keystore.password."));
                 System.err.flush();
                 srcstorePass = Password.readPassword(System.in);
                 passwords.add(srcstorePass);
@@ -1829,8 +1814,7 @@
                 if (srckeyPass != null && srcstorePass != null &&
                         !Arrays.equals(srcstorePass, srckeyPass)) {
                     MessageFormat form = new MessageFormat(rb.getString(
-                        "Warning:  Different store and key passwords not supported " +
-                        "for PKCS12 KeyStores. Ignoring user-specified <command> value."));
+                        "Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value."));
                     Object[] source = {"-srckeypass"};
                     System.err.println(form.format(source));
                     srckeyPass = srcstorePass;
@@ -1850,15 +1834,15 @@
             // but change 2 lines
             System.err.println();
             System.err.println(rb.getString
-                ("*****************  WARNING WARNING WARNING  *****************"));
+                (".WARNING.WARNING.WARNING."));
             System.err.println(rb.getString
-                ("* The integrity of the information stored in the srckeystore*"));
+                (".The.integrity.of.the.information.stored.in.the.srckeystore."));
             System.err.println(rb.getString
-                ("* has NOT been verified!  In order to verify its integrity, *"));
+                (".has.NOT.been.verified.In.order.to.verify.its.integrity."));
             System.err.println(rb.getString
-                ("* you must provide the srckeystore password.                *"));
+                (".you.must.provide.the.srckeystore.password."));
             System.err.println(rb.getString
-                ("*****************  WARNING WARNING WARNING  *****************"));
+                (".WARNING.WARNING.WARNING."));
             System.err.println();
         }
 
@@ -1877,8 +1861,7 @@
         } else {
             if (dest != null || srckeyPass != null || destKeyPass != null) {
                 throw new Exception(rb.getString(
-                        "if alias not specified, destalias, srckeypass, " +
-                        "and destkeypass must not be specified"));
+                        "if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified"));
             }
             doImportKeyStoreAll(loadSourceKeyStore());
         }
@@ -1906,16 +1889,16 @@
             Object[] source = {alias};
             if (noprompt) {
                 System.err.println(new MessageFormat(rb.getString(
-                        "Warning: Overwriting existing alias <alias> in destination keystore")).format(source));
+                        "Warning.Overwriting.existing.alias.alias.in.destination.keystore")).format(source));
             } else {
                 String reply = getYesNoReply(new MessageFormat(rb.getString(
-                        "Existing entry alias <alias> exists, overwrite? [no]:  ")).format(source));
+                        "Existing.entry.alias.alias.exists.overwrite.no.")).format(source));
                 if ("NO".equals(reply)) {
                     newAlias = inputStringFromStdin(rb.getString
-                            ("Enter new alias name\t(RETURN to cancel import for this entry):  "));
+                            ("Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry."));
                     if ("".equals(newAlias)) {
                         System.err.println(new MessageFormat(rb.getString(
-                                "Entry for alias <alias> not imported.")).format(
+                                "Entry.for.alias.alias.not.imported.")).format(
                                 source));
                         return 0;
                     }
@@ -1944,7 +1927,7 @@
         } catch (KeyStoreException kse) {
             Object[] source2 = {alias, kse.toString()};
             MessageFormat form = new MessageFormat(rb.getString(
-                    "Problem importing entry for alias <alias>: <exception>.\nEntry for alias <alias> not imported."));
+                    "Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported."));
             System.err.println(form.format(source2));
             return 2;
         }
@@ -1961,7 +1944,7 @@
             if (result == 1) {
                 ok++;
                 Object[] source = {alias};
-                MessageFormat form = new MessageFormat(rb.getString("Entry for alias <alias> successfully imported."));
+                MessageFormat form = new MessageFormat(rb.getString("Entry.for.alias.alias.successfully.imported."));
                 System.err.println(form.format(source));
             } else if (result == 2) {
                 if (!noprompt) {
@@ -1974,7 +1957,7 @@
         }
         Object[] source = {ok, count-ok};
         MessageFormat form = new MessageFormat(rb.getString(
-                "Import command completed:  <ok> entries successfully imported, <fail> entries failed or cancelled"));
+                "Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled"));
         System.err.println(form.format(source));
     }
 
@@ -1991,17 +1974,17 @@
             out.println();
         }
 
-        out.println(rb.getString("Keystore type: ") + keyStore.getType());
-        out.println(rb.getString("Keystore provider: ") +
+        out.println(rb.getString("Keystore.type.") + keyStore.getType());
+        out.println(rb.getString("Keystore.provider.") +
                 keyStore.getProvider().getName());
         out.println();
 
         MessageFormat form;
         form = (keyStore.size() == 1) ?
                 new MessageFormat(rb.getString
-                        ("Your keystore contains keyStore.size() entry")) :
+                        ("Your.keystore.contains.keyStore.size.entry")) :
                 new MessageFormat(rb.getString
-                        ("Your keystore contains keyStore.size() entries"));
+                        ("Your.keystore.contains.keyStore.size.entries"));
         Object[] source = {new Integer(keyStore.size())};
         out.println(form.format(source));
         out.println();
@@ -2011,11 +1994,11 @@
             String alias = e.nextElement();
             doPrintEntry(alias, out, false);
             if (verbose || rfc) {
-                out.println(rb.getString("\n"));
+                out.println(rb.getString("NEWLINE"));
                 out.println(rb.getString
-                        ("*******************************************"));
+                        ("STAR"));
                 out.println(rb.getString
-                        ("*******************************************\n\n"));
+                        ("STARNN"));
             }
         }
     }
@@ -2171,10 +2154,10 @@
             }
             if (issuer == null) {
                 out.println(rb.getString
-                        ("*******************************************"));
+                        ("STAR"));
                 out.println("WARNING: not verified. Make sure -keystore and -alias are correct.");
                 out.println(rb.getString
-                        ("*******************************************\n\n"));
+                        ("STARNN"));
             }
         }
     }
@@ -2214,15 +2197,14 @@
         PKCS10 req = new PKCS10(new BASE64Decoder().decodeBuffer(new String(sb)));
 
         PublicKey pkey = req.getSubjectPublicKeyInfo();
-        out.printf(rb.getString("PKCS #10 Certificate Request (Version 1.0)\n" +
-                "Subject: %s\nPublic Key: %s format %s key\n"),
+        out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."),
                 req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm());
         for (PKCS10Attribute attr: req.getAttributes().getAttributes()) {
             ObjectIdentifier oid = attr.getAttributeId();
             if (oid.equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) {
                 CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue();
                 if (exts != null) {
-                    printExtensions(rb.getString("Extension Request:"), exts, out);
+                    printExtensions(rb.getString("Extension.Request."), exts, out);
                 }
             } else {
                 out.println(attr.getAttributeId());
@@ -2245,10 +2227,10 @@
         try {
             c = cf.generateCertificates(in);
         } catch (CertificateException ce) {
-            throw new Exception(rb.getString("Failed to parse input"), ce);
+            throw new Exception(rb.getString("Failed.to.parse.input"), ce);
         }
         if (c.isEmpty()) {
-            throw new Exception(rb.getString("Empty input"));
+            throw new Exception(rb.getString("Empty.input"));
         }
         Certificate[] certs = c.toArray(new Certificate[c.size()]);
         for (int i=0; i<certs.length; i++) {
@@ -2256,11 +2238,11 @@
             try {
                 x509Cert = (X509Certificate)certs[i];
             } catch (ClassCastException cce) {
-                throw new Exception(rb.getString("Not X.509 certificate"));
+                throw new Exception(rb.getString("Not.X.509.certificate"));
             }
             if (certs.length > 1) {
                 MessageFormat form = new MessageFormat
-                        (rb.getString("Certificate[(i + 1)]:"));
+                        (rb.getString("Certificate.i.1."));
                 Object[] source = {new Integer(i + 1)};
                 out.println(form.format(source));
             }
@@ -2299,15 +2281,15 @@
                     for (CodeSigner signer: signers) {
                         if (!ss.contains(signer)) {
                             ss.add(signer);
-                            out.printf(rb.getString("Signer #%d:"), ++pos);
+                            out.printf(rb.getString("Signer.d."), ++pos);
                             out.println();
                             out.println();
-                            out.println(rb.getString("Signature:"));
+                            out.println(rb.getString("Signature."));
                             out.println();
                             for (Certificate cert: signer.getSignerCertPath().getCertificates()) {
                                 X509Certificate x = (X509Certificate)cert;
                                 if (rfc) {
-                                    out.println(rb.getString("Certificate owner: ") + x.getSubjectDN() + "\n");
+                                    out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
                                     dumpCert(x, out);
                                 } else {
                                     printX509Cert(x, out);
@@ -2316,12 +2298,12 @@
                             }
                             Timestamp ts = signer.getTimestamp();
                             if (ts != null) {
-                                out.println(rb.getString("Timestamp:"));
+                                out.println(rb.getString("Timestamp."));
                                 out.println();
                                 for (Certificate cert: ts.getSignerCertPath().getCertificates()) {
                                     X509Certificate x = (X509Certificate)cert;
                                     if (rfc) {
-                                        out.println(rb.getString("Certificate owner: ") + x.getSubjectDN() + "\n");
+                                        out.println(rb.getString("Certificate.owner.") + x.getSubjectDN() + "\n");
                                         dumpCert(x, out);
                                     } else {
                                         printX509Cert(x, out);
@@ -2333,7 +2315,7 @@
                                     .getJavaSecurityCodeSignerAccess()
                                     .getCRLs(signer);
                             if (crls != null) {
-                                out.println(rb.getString("CRLs:"));
+                                out.println(rb.getString("CRLs."));
                                 out.println();
                                 for (CRL crl: crls) {
                                     printCRL(crl, out);
@@ -2345,7 +2327,7 @@
             }
             jf.close();
             if (ss.size() == 0) {
-                out.println(rb.getString("Not a signed jar file"));
+                out.println(rb.getString("Not.a.signed.jar.file"));
             }
         } else if (sslserver != null) {
             SSLContext sc = SSLContext.getInstance("SSL");
@@ -2410,7 +2392,7 @@
             // if the URL connection is successful.
             if (!certPrinted[0]) {
                 Exception e = new Exception(
-                        rb.getString("No certificate from the SSL server"));
+                        rb.getString("No.certificate.from.the.SSL.server"));
                 if (ex != null) {
                     e.initCause(ex);
                 }
@@ -2455,13 +2437,13 @@
         Certificate oldCert = keyStore.getCertificate(alias);
         if (oldCert == null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("alias has no public key"));
+                (rb.getString("alias.has.no.public.key"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
         if (!(oldCert instanceof X509Certificate)) {
             MessageFormat form = new MessageFormat
-                (rb.getString("alias has no X.509 certificate"));
+                (rb.getString("alias.has.no.X.509.certificate"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -2532,7 +2514,7 @@
                              new Certificate[] { newCert } );
 
         if (verbose) {
-            System.err.println(rb.getString("New certificate (self-signed):"));
+            System.err.println(rb.getString("New.certificate.self.signed."));
             System.err.print(newCert.toString());
             System.err.println();
         }
@@ -2568,7 +2550,7 @@
         Certificate userCert = keyStore.getCertificate(alias);
         if (userCert == null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("alias has no public key (certificate)"));
+                (rb.getString("alias.has.no.public.key.certificate."));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -2576,7 +2558,7 @@
         // Read the certificates in the reply
         Collection<? extends Certificate> c = cf.generateCertificates(in);
         if (c.isEmpty()) {
-            throw new Exception(rb.getString("Reply has no certificates"));
+            throw new Exception(rb.getString("Reply.has.no.certificates"));
         }
         Certificate[] replyCerts = c.toArray(new Certificate[c.size()]);
         Certificate[] newChain;
@@ -2609,11 +2591,11 @@
         throws Exception
     {
         if (alias == null) {
-            throw new Exception(rb.getString("Must specify alias"));
+            throw new Exception(rb.getString("Must.specify.alias"));
         }
         if (keyStore.containsAlias(alias)) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate not imported, alias <alias> already exists"));
+                ("Certificate.not.imported.alias.alias.already.exists"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -2623,9 +2605,9 @@
         try {
             cert = (X509Certificate)cf.generateCertificate(in);
         } catch (ClassCastException cce) {
-            throw new Exception(rb.getString("Input not an X.509 certificate"));
+            throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
         } catch (CertificateException ce) {
-            throw new Exception(rb.getString("Input not an X.509 certificate"));
+            throw new Exception(rb.getString("Input.not.an.X.509.certificate"));
         }
 
         // if certificate is self-signed, make sure it verifies
@@ -2645,27 +2627,27 @@
         String trustalias = keyStore.getCertificateAlias(cert);
         if (trustalias != null) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate already exists in keystore under alias <trustalias>"));
+                ("Certificate.already.exists.in.keystore.under.alias.trustalias."));
             Object[] source = {trustalias};
             System.err.println(form.format(source));
             reply = getYesNoReply
-                (rb.getString("Do you still want to add it? [no]:  "));
+                (rb.getString("Do.you.still.want.to.add.it.no."));
         } else if (selfSigned) {
             if (trustcacerts && (caks != null) &&
                     ((trustalias=caks.getCertificateAlias(cert)) != null)) {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Certificate already exists in system-wide CA keystore under alias <trustalias>"));
+                        ("Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias."));
                 Object[] source = {trustalias};
                 System.err.println(form.format(source));
                 reply = getYesNoReply
-                        (rb.getString("Do you still want to add it to your own keystore? [no]:  "));
+                        (rb.getString("Do.you.still.want.to.add.it.to.your.own.keystore.no."));
             }
             if (trustalias == null) {
                 // Print the cert and ask user if they really want to add
                 // it to their keystore
                 printX509Cert(cert, System.out);
                 reply = getYesNoReply
-                        (rb.getString("Trust this certificate? [no]:  "));
+                        (rb.getString("Trust.this.certificate.no."));
             }
         }
         if (reply != null) {
@@ -2689,7 +2671,7 @@
             // their keystore
             printX509Cert(cert, System.out);
             reply = getYesNoReply
-                (rb.getString("Trust this certificate? [no]:  "));
+                (rb.getString("Trust.this.certificate.no."));
             if ("YES".equals(reply)) {
                 keyStore.setCertificateEntry(alias, cert);
                 return true;
@@ -2716,26 +2698,26 @@
 
         for (int count = 0; count < 3; count++) {
             MessageFormat form = new MessageFormat
-                (rb.getString("New prompt: "));
+                (rb.getString("New.prompt."));
             Object[] source = {prompt};
             System.err.print(form.format(source));
             entered = Password.readPassword(System.in);
             passwords.add(entered);
             if (entered == null || entered.length < 6) {
                 System.err.println(rb.getString
-                    ("Password is too short - must be at least 6 characters"));
+                    ("Password.is.too.short.must.be.at.least.6.characters"));
             } else if (Arrays.equals(entered, oldPasswd)) {
-                System.err.println(rb.getString("Passwords must differ"));
+                System.err.println(rb.getString("Passwords.must.differ"));
             } else {
                 form = new MessageFormat
-                        (rb.getString("Re-enter new prompt: "));
+                        (rb.getString("Re.enter.new.prompt."));
                 Object[] src = {prompt};
                 System.err.print(form.format(src));
                 reentered = Password.readPassword(System.in);
                 passwords.add(reentered);
                 if (!Arrays.equals(entered, reentered)) {
                     System.err.println
-                        (rb.getString("They don't match. Try again"));
+                        (rb.getString("They.don.t.match.Try.again"));
                 } else {
                     Arrays.fill(reentered, ' ');
                     return entered;
@@ -2750,7 +2732,7 @@
                 reentered = null;
             }
         }
-        throw new Exception(rb.getString("Too many failures - try later"));
+        throw new Exception(rb.getString("Too.many.failures.try.later"));
     }
 
     /**
@@ -2761,11 +2743,11 @@
     private String getAlias(String prompt) throws Exception {
         if (prompt != null) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Enter prompt alias name:  "));
+                (rb.getString("Enter.prompt.alias.name."));
             Object[] source = {prompt};
             System.err.print(form.format(source));
         } else {
-            System.err.print(rb.getString("Enter alias name:  "));
+            System.err.print(rb.getString("Enter.alias.name."));
         }
         return (new BufferedReader(new InputStreamReader(
                                         System.in))).readLine();
@@ -2796,17 +2778,17 @@
         do {
             if (otherKeyPass != null) {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter key password for <alias>"));
+                        ("Enter.key.password.for.alias."));
                 Object[] source = {alias};
                 System.err.println(form.format(source));
 
                 form = new MessageFormat(rb.getString
-                        ("\t(RETURN if same as for <otherAlias>)"));
+                        (".RETURN.if.same.as.for.otherAlias."));
                 Object[] src = {otherAlias};
                 System.err.print(form.format(src));
             } else {
                 MessageFormat form = new MessageFormat(rb.getString
-                        ("Enter key password for <alias>"));
+                        ("Enter.key.password.for.alias."));
                 Object[] source = {alias};
                 System.err.print(form.format(source));
             }
@@ -2820,7 +2802,7 @@
         } while ((keyPass == null) && count < 3);
 
         if (keyPass == null) {
-            throw new Exception(rb.getString("Too many failures - try later"));
+            throw new Exception(rb.getString("Too.many.failures.try.later"));
         }
 
         return keyPass;
@@ -2851,7 +2833,7 @@
         */
 
         MessageFormat form = new MessageFormat
-                (rb.getString("*PATTERN* printX509Cert"));
+                (rb.getString(".PATTERN.printX509Cert"));
         Object[] source = {cert.getSubjectDN().toString(),
                         cert.getIssuerDN().toString(),
                         cert.getSerialNumber().toString(16),
@@ -2873,7 +2855,7 @@
             CertificateExtensions exts = (CertificateExtensions)
                     certInfo.get(X509CertInfo.EXTENSIONS);
             if (exts != null) {
-                printExtensions(rb.getString("Extensions: "), exts, out);
+                printExtensions(rb.getString("Extensions."), exts, out);
             }
         }
     }
@@ -2894,7 +2876,7 @@
             if (ext.getClass() == Extension.class) {
                 byte[] v = ext.getExtensionValue();
                 if (v.length == 0) {
-                    out.println(rb.getString("(Empty value)"));
+                    out.println(rb.getString(".Empty.value."));
                 } else {
                     new sun.misc.HexDumpEncoder().encodeBuffer(ext.getExtensionValue(), out);
                     out.println();
@@ -2972,32 +2954,32 @@
         do {
             if (maxRetry-- < 0) {
                 throw new RuntimeException(rb.getString(
-                        "Too many retries, program terminated"));
+                        "Too.many.retries.program.terminated"));
             }
             commonName = inputString(in,
-                    rb.getString("What is your first and last name?"),
+                    rb.getString("What.is.your.first.and.last.name."),
                     commonName);
             organizationalUnit = inputString(in,
                     rb.getString
-                        ("What is the name of your organizational unit?"),
+                        ("What.is.the.name.of.your.organizational.unit."),
                     organizationalUnit);
             organization = inputString(in,
-                    rb.getString("What is the name of your organization?"),
+                    rb.getString("What.is.the.name.of.your.organization."),
                     organization);
             city = inputString(in,
-                    rb.getString("What is the name of your City or Locality?"),
+                    rb.getString("What.is.the.name.of.your.City.or.Locality."),
                     city);
             state = inputString(in,
-                    rb.getString("What is the name of your State or Province?"),
+                    rb.getString("What.is.the.name.of.your.State.or.Province."),
                     state);
             country = inputString(in,
                     rb.getString
-                        ("What is the two-letter country code for this unit?"),
+                        ("What.is.the.two.letter.country.code.for.this.unit."),
                     country);
             name = new X500Name(commonName, organizationalUnit, organization,
                                 city, state, country);
             MessageFormat form = new MessageFormat
-                (rb.getString("Is <name> correct?"));
+                (rb.getString("Is.name.correct."));
             Object[] source = {name};
             userInput = inputString
                 (in, form.format(source), rb.getString("no"));
@@ -3014,7 +2996,7 @@
     {
         System.err.println(prompt);
         MessageFormat form = new MessageFormat
-                (rb.getString("  [defaultValue]:  "));
+                (rb.getString(".defaultValue."));
         Object[] source = {defaultValue};
         System.err.print(form.format(source));
         System.err.flush();
@@ -3085,14 +3067,14 @@
 
         if (keyStore.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> does not exist"));
+                (rb.getString("Alias.alias.does.not.exist"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
         if (!keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class) &&
                 !keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> has no key"));
+                (rb.getString("Alias.alias.has.no.key"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -3134,7 +3116,7 @@
 
         if (ks.containsAlias(alias) == false) {
             MessageFormat form = new MessageFormat
-                (rb.getString("Alias <alias> does not exist"));
+                (rb.getString("Alias.alias.does.not.exist"));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -3212,15 +3194,15 @@
     private void printWarning() {
         System.err.println();
         System.err.println(rb.getString
-            ("*****************  WARNING WARNING WARNING  *****************"));
+            (".WARNING.WARNING.WARNING."));
         System.err.println(rb.getString
-            ("* The integrity of the information stored in your keystore  *"));
+            (".The.integrity.of.the.information.stored.in.your.keystore."));
         System.err.println(rb.getString
-            ("* has NOT been verified!  In order to verify its integrity, *"));
+            (".has.NOT.been.verified.In.order.to.verify.its.integrity."));
         System.err.println(rb.getString
-            ("* you must provide your keystore password.                  *"));
+            (".you.must.provide.your.keystore.password."));
         System.err.println(rb.getString
-            ("*****************  WARNING WARNING WARNING  *****************"));
+            (".WARNING.WARNING.WARNING."));
         System.err.println();
     }
 
@@ -3250,7 +3232,7 @@
         }
         if (i == replyCerts.length) {
             MessageFormat form = new MessageFormat(rb.getString
-                ("Certificate reply does not contain public key for <alias>"));
+                ("Certificate.reply.does.not.contain.public.key.for.alias."));
             Object[] source = {alias};
             throw new Exception(form.format(source));
         }
@@ -3275,7 +3257,7 @@
             }
             if (j == replyCerts.length) {
                 throw new Exception
-                    (rb.getString("Incomplete certificate chain in reply"));
+                    (rb.getString("Incomplete.certificate.chain.in.reply"));
             }
         }
 
@@ -3292,12 +3274,12 @@
         if (root == null) {
             System.err.println();
             System.err.println
-                    (rb.getString("Top-level certificate in reply:\n"));
+                    (rb.getString("Top.level.certificate.in.reply."));
             printX509Cert((X509Certificate)topCert, System.out);
             System.err.println();
-            System.err.print(rb.getString("... is not trusted. "));
+            System.err.print(rb.getString(".is.not.trusted."));
             String reply = getYesNoReply
-                    (rb.getString("Install reply anyway? [no]:  "));
+                    (rb.getString("Install.reply.anyway.no."));
             if ("NO".equals(reply)) {
                 return null;
             }
@@ -3335,14 +3317,14 @@
             PublicKey replyPubKey = certToVerify.getPublicKey();
             if (!origPubKey.equals(replyPubKey)) {
                 throw new Exception(rb.getString
-                        ("Public keys in reply and keystore don't match"));
+                        ("Public.keys.in.reply.and.keystore.don.t.match"));
             }
 
             // If the two certs are identical, we're done: no need to import
             // anything
             if (certToVerify.equals(userCert)) {
                 throw new Exception(rb.getString
-                        ("Certificate reply and certificate in keystore are identical"));
+                        ("Certificate.reply.and.certificate.in.keystore.are.identical"));
             }
         }
 
@@ -3379,7 +3361,7 @@
             return newChain;
         } else {
             throw new Exception
-                (rb.getString("Failed to establish chain from reply"));
+                (rb.getString("Failed.to.establish.chain.from.reply"));
         }
     }
 
@@ -3443,7 +3425,7 @@
         do {
             if (maxRetry-- < 0) {
                 throw new RuntimeException(rb.getString(
-                        "Too many retries, program terminated"));
+                        "Too.many.retries.program.terminated"));
             }
             System.err.print(prompt);
             System.err.flush();
@@ -3457,7 +3439,7 @@
                        collator.compare(reply, rb.getString("yes")) == 0) {
                 reply = "YES";
             } else {
-                System.err.println(rb.getString("Wrong answer, try again"));
+                System.err.println(rb.getString("Wrong.answer.try.again"));
                 reply = null;
             }
         } while (reply == null);
@@ -3528,7 +3510,7 @@
         Calendar c = new GregorianCalendar();
         if (s != null) {
             IOException ioe = new IOException(
-                    rb.getString("Illegal startdate value"));
+                    rb.getString("Illegal.startdate.value"));
             int len = s.length();
             if (len == 0) {
                 throw ioe;
@@ -3654,7 +3636,7 @@
             }
             StringBuffer sb = new StringBuffer();
             MessageFormat form = new MessageFormat(rb.getString
-                ("command {0} is ambiguous:"));
+                ("command.{0}.is.ambiguous."));
             Object[] source = {s};
             sb.append(form.format(source));
             sb.append("\n    ");
@@ -3678,7 +3660,7 @@
         int p = oneOf(t, "EMAIL", "URI", "DNS", "IP", "OID");
         if (p < 0) {
             throw new Exception(rb.getString(
-                    "Unrecognized GeneralName type: ") + t);
+                    "Unrecognized.GeneralName.type.") + t);
         }
         switch (p) {
             case 0: gn = new RFC822Name(v); break;
@@ -3773,7 +3755,7 @@
                                             "critical", "non-critical");
                                     if (action == -1) {
                                         throw new Exception(rb.getString
-                                            ("Illegal value: ") + item);
+                                            ("Illegal.value.") + item);
                                     }
                                 }
                             }
@@ -3837,7 +3819,7 @@
                                     String[] nv = part.split(":");
                                     if (nv.length != 2) {
                                         throw new Exception(rb.getString
-                                                ("Illegal value: ") + extstr);
+                                                ("Illegal.value.") + extstr);
                                     } else {
                                         if (nv[0].equalsIgnoreCase("ca")) {
                                             isCA = Boolean.parseBoolean(nv[1]);
@@ -3845,7 +3827,7 @@
                                             pathLen = Integer.parseInt(nv[1]);
                                         } else {
                                             throw new Exception(rb.getString
-                                                ("Illegal value: ") + extstr);
+                                                ("Illegal.value.") + extstr);
                                         }
                                     }
                                 }
@@ -3872,7 +3854,7 @@
                                        "contentCommitment"  // also (1)
                                        );
                                 if (p < 0) {
-                                    throw new Exception(rb.getString("Unknown keyUsage type: ") + s);
+                                    throw new Exception(rb.getString("Unknown.keyUsage.type.") + s);
                                 }
                                 if (p == 9) p = 1;
                                 ok[p] = true;
@@ -3886,7 +3868,7 @@
                                     kue.getExtensionValue()));
                         } else {
                             throw new Exception(rb.getString
-                                    ("Illegal value: ") + extstr);
+                                    ("Illegal.value.") + extstr);
                         }
                         break;
                     case 2:     // EKU
@@ -3911,7 +3893,7 @@
                                         v.add(new ObjectIdentifier(s));
                                     } catch (Exception e) {
                                         throw new Exception(rb.getString(
-                                                "Unknown extendedkeyUsage type: ") + s);
+                                                "Unknown.extendedkeyUsage.type.") + s);
                                     }
                                 } else if (p == 0) {
                                     v.add(new ObjectIdentifier("2.5.29.37.0"));
@@ -3923,7 +3905,7 @@
                                     new ExtendedKeyUsageExtension(isCritical, v));
                         } else {
                             throw new Exception(rb.getString
-                                    ("Illegal value: ") + extstr);
+                                    ("Illegal.value.") + extstr);
                         }
                         break;
                     case 3:     // SAN
@@ -3951,14 +3933,14 @@
                             }
                         } else {
                             throw new Exception(rb.getString
-                                    ("Illegal value: ") + extstr);
+                                    ("Illegal.value.") + extstr);
                         }
                         break;
                     case 5:     // SIA, always non-critical
                     case 6:     // AIA, always non-critical
                         if (isCritical) {
                             throw new Exception(rb.getString(
-                                    "This extension cannot be marked as critical. ") + extstr);
+                                    "This.extension.cannot.be.marked.as.critical.") + extstr);
                         }
                         if(value != null) {
                             List<AccessDescription> accessDescriptions =
@@ -3969,7 +3951,7 @@
                                 int colonpos2 = item.indexOf(':', colonpos+1);
                                 if (colonpos < 0 || colonpos2 < 0) {
                                     throw new Exception(rb.getString
-                                            ("Illegal value: ") + extstr);
+                                            ("Illegal.value.") + extstr);
                                 }
                                 String m = item.substring(0, colonpos);
                                 String t = item.substring(colonpos+1, colonpos2);
@@ -3988,7 +3970,7 @@
                                         oid = new ObjectIdentifier(m);
                                     } catch (Exception e) {
                                         throw new Exception(rb.getString(
-                                                "Unknown AccessDescription type: ") + m);
+                                                "Unknown.AccessDescription.type.") + m);
                                     }
                                 } else {
                                     oid = new ObjectIdentifier("1.3.6.1.5.5.7.48." + p);
@@ -4005,7 +3987,7 @@
                             }
                         } else {
                             throw new Exception(rb.getString
-                                    ("Illegal value: ") + extstr);
+                                    ("Illegal.value.") + extstr);
                         }
                         break;
                     case 8: // CRL, experimental, only support 1 distributionpoint
@@ -4027,7 +4009,7 @@
                                         new DistributionPoint(gnames, null, null))));
                         } else {
                             throw new Exception(rb.getString
-                                    ("Illegal value: ") + extstr);
+                                    ("Illegal.value.") + extstr);
                         }
                         break;
                     case -1:
@@ -4056,7 +4038,7 @@
                             }
                             if (pos % 2 != 0) {
                                 throw new Exception(rb.getString(
-                                        "Odd number of hex digits found: ") + extstr);
+                                        "Odd.number.of.hex.digits.found.") + extstr);
                             }
                             data = Arrays.copyOf(data, pos/2);
                         } else {
@@ -4068,7 +4050,7 @@
                         break;
                     default:
                         throw new Exception(rb.getString(
-                                "Unknown extension type: ") + extstr);
+                                "Unknown.extension.type.") + extstr);
                 }
             }
             // always non-critical
@@ -4092,11 +4074,11 @@
     private void usage() {
         if (command != null) {
             System.err.println("keytool " + command +
-                    rb.getString(" [OPTION]..."));
+                    rb.getString(".OPTION."));
             System.err.println();
             System.err.println(rb.getString(command.description));
             System.err.println();
-            System.err.println(rb.getString("Options:"));
+            System.err.println(rb.getString("Options."));
             System.err.println();
 
             // Left and right sides of the options list
@@ -4123,12 +4105,12 @@
             }
             System.err.println();
             System.err.println(rb.getString(
-                    "Use \"keytool -help\" for all available commands"));
+                    "Use.keytool.help.for.all.available.commands"));
         } else {
             System.err.println(rb.getString(
-                    "Key and Certificate Management Tool"));
+                    "Key.and.Certificate.Management.Tool"));
             System.err.println();
-            System.err.println(rb.getString("Commands:"));
+            System.err.println(rb.getString("Commands."));
             System.err.println();
             for (Command c: Command.values()) {
                 if (c == KEYCLONE) break;
@@ -4136,7 +4118,7 @@
             }
             System.err.println();
             System.err.println(rb.getString(
-                    "Use \"keytool -command_name -help\" for usage of command_name"));
+                    "Use.keytool.command.name.help.for.usage.of.command.name"));
         }
     }
 
@@ -4152,7 +4134,7 @@
     private void errorNeedArgument(String flag) {
         Object[] source = {flag};
         System.err.println(new MessageFormat(
-                rb.getString("Command option <flag> needs an argument.")).format(source));
+                rb.getString("Command.option.flag.needs.an.argument.")).format(source));
         tinyHelp();
     }
 
@@ -4171,7 +4153,7 @@
             String value = System.getenv(arg);
             if (value == null) {
                 System.err.println(rb.getString(
-                        "Cannot find environment variable: ") + arg);
+                        "Cannot.find.environment.variable.") + arg);
                 return null;
             } else {
                 return value.toCharArray();
@@ -4187,7 +4169,7 @@
                         url = f.toURI().toURL();
                     } else {
                         System.err.println(rb.getString(
-                                "Cannot find file: ") + arg);
+                                "Cannot.find.file.") + arg);
                         return null;
                     }
                 }
@@ -4205,7 +4187,7 @@
                 return null;
             }
         } else {
-            System.err.println(rb.getString("Unknown password type: ") +
+            System.err.println(rb.getString("Unknown.password.type.") +
                     modifier);
             return null;
         }
--- a/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/tools/policytool/PolicyTool.java	Thu Nov 11 15:51:12 2010 +0800
@@ -228,9 +228,7 @@
                     if (pubKey == null) {
                         newWarning = true;
                         MessageFormat form = new MessageFormat(rb.getString
-                            ("Warning: A public key for alias " +
-                            "'signers[i]' does not exist.  " +
-                            "Make sure a KeyStore is properly configured."));
+                            ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
                         Object[] source = {signers[i]};
                         warnings.addElement(form.format(source));
                     }
@@ -248,7 +246,7 @@
                 } catch (ClassNotFoundException fnfe) {
                     newWarning = true;
                     MessageFormat form = new MessageFormat(rb.getString
-                                ("Warning: Class not found: class"));
+                                ("Warning.Class.not.found.class"));
                     Object[] source = {pe.getPrincipalClass()};
                     warnings.addElement(form.format(source));
                 }
@@ -264,13 +262,13 @@
                 } catch (ClassNotFoundException fnfe) {
                     newWarning = true;
                     MessageFormat form = new MessageFormat(rb.getString
-                                ("Warning: Class not found: class"));
+                                ("Warning.Class.not.found.class"));
                     Object[] source = {pe.permission};
                     warnings.addElement(form.format(source));
                 } catch (InvocationTargetException ite) {
                     newWarning = true;
                     MessageFormat form = new MessageFormat(rb.getString
-                        ("Warning: Invalid argument(s) for constructor: arg"));
+                        ("Warning.Invalid.argument.s.for.constructor.arg"));
                     Object[] source = {pe.permission};
                     warnings.addElement(form.format(source));
                 }
@@ -285,9 +283,7 @@
                         if (pubKey == null) {
                             newWarning = true;
                             MessageFormat form = new MessageFormat(rb.getString
-                                ("Warning: A public key for alias " +
-                                "'signers[i]' does not exist.  " +
-                               "Make sure a KeyStore is properly configured."));
+                                ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
                             Object[] source = {signers[i]};
                             warnings.addElement(form.format(source));
                         }
@@ -615,7 +611,7 @@
                 Thread.currentThread().getContextClassLoader());
         if (!PRIN.isAssignableFrom(pc)) {
             MessageFormat form = new MessageFormat(rb.getString
-                        ("Illegal Principal Type: type"));
+                        ("Illegal.Principal.Type.type"));
             Object[] source = {type};
             throw new InstantiationException(form.format(source));
         }
@@ -691,7 +687,7 @@
                 policyFileName = args[n];
             } else {
                 MessageFormat form = new MessageFormat(rb.getString
-                                ("Illegal option: option"));
+                                ("Illegal.option.option"));
                 Object[] source = { flags };
                 System.err.println(form.format(source));
                 usage();
@@ -700,10 +696,10 @@
     }
 
     static void usage() {
-        System.out.println(rb.getString("Usage: policytool [options]"));
+        System.out.println(rb.getString("Usage.policytool.options."));
         System.out.println();
         System.out.println(rb.getString
-                ("  [-file <file>]    policy file location"));
+                (".file.file.policy.file.location"));
         System.out.println();
 
         System.exit(1);
@@ -903,23 +899,23 @@
     public static final String SAVE_POLICY_FILE         =
                         PolicyTool.rb.getString("Save");
     public static final String SAVE_AS_POLICY_FILE      =
-                        PolicyTool.rb.getString("Save As");
+                        PolicyTool.rb.getString("Save.As");
     public static final String VIEW_WARNINGS            =
-                        PolicyTool.rb.getString("View Warning Log");
+                        PolicyTool.rb.getString("View.Warning.Log");
     public static final String QUIT                     =
                         PolicyTool.rb.getString("Exit");
     public static final String ADD_POLICY_ENTRY         =
-                        PolicyTool.rb.getString("Add Policy Entry");
+                        PolicyTool.rb.getString("Add.Policy.Entry");
     public static final String EDIT_POLICY_ENTRY        =
-                        PolicyTool.rb.getString("Edit Policy Entry");
+                        PolicyTool.rb.getString("Edit.Policy.Entry");
     public static final String REMOVE_POLICY_ENTRY      =
-                        PolicyTool.rb.getString("Remove Policy Entry");
+                        PolicyTool.rb.getString("Remove.Policy.Entry");
     public static final String EDIT_KEYSTORE            =
                         PolicyTool.rb.getString("Edit");
     public static final String ADD_PUBKEY_ALIAS         =
-                        PolicyTool.rb.getString("Add Public Key Alias");
+                        PolicyTool.rb.getString("Add.Public.Key.Alias");
     public static final String REMOVE_PUBKEY_ALIAS      =
-                        PolicyTool.rb.getString("Remove Public Key Alias");
+                        PolicyTool.rb.getString("Remove.Public.Key.Alias");
 
     /* gridbag index for components in the main window (MW) */
     public static final int MW_FILENAME_LABEL           = 0;
@@ -968,13 +964,13 @@
 
 
         // policy entry listing
-        Label label = new Label(PolicyTool.rb.getString("Policy File:"));
+        Label label = new Label(PolicyTool.rb.getString("Policy.File."));
         addNewComponent(this, label, MW_FILENAME_LABEL,
                         0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                         TOP_BOTTOM_PADDING);
         TextField tf = new TextField(50);
         tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Policy File:"));
+                PolicyTool.rb.getString("Policy.File."));
         tf.setEditable(false);
         addNewComponent(this, tf, MW_FILENAME_TEXTFIELD,
                         1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
@@ -1056,7 +1052,7 @@
 
             // display the error
             MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                ("Could not open policy file: policyFile: e.toString()"));
+                ("Could.not.open.policy.file.policyFile.e.toString."));
             Object[] source = {policyFile, e.toString()};
             displayErrorDialog(null, form.format(source));
         }
@@ -1133,7 +1129,7 @@
      */
     void displayToolWindow(String args[]) {
 
-        setTitle(PolicyTool.rb.getString("Policy Tool"));
+        setTitle(PolicyTool.rb.getString("Policy.Tool"));
         setResizable(true);
         addWindowListener(new ToolWindowListener(this));
         setBounds(135, 80, 500, 500);
@@ -1146,9 +1142,7 @@
 
         if (tool.newWarning == true) {
             displayStatusDialog(this, PolicyTool.rb.getString
-                ("Errors have occurred while opening the " +
-                "policy configuration.  View the Warning Log " +
-                "for more information."));
+                ("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information."));
         }
     }
 
@@ -1231,7 +1225,7 @@
         ta.setEditable(false);
         for (int i = 0; i < tool.warnings.size(); i++) {
             ta.append(tool.warnings.elementAt(i));
-            ta.append(PolicyTool.rb.getString("\n"));
+            ta.append(PolicyTool.rb.getString("NEWLINE"));
         }
         addNewComponent(wd, ta, 0,
                         0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
@@ -1332,22 +1326,22 @@
     /* popup menus */
     public static final String PERM             =
         PolicyTool.rb.getString
-        ("Permission:                                                       ");
+        ("Permission.");
 
     public static final String PRIN_TYPE        =
-        PolicyTool.rb.getString("Principal Type:");
+        PolicyTool.rb.getString("Principal.Type.");
     public static final String PRIN_NAME        =
-        PolicyTool.rb.getString("Principal Name:");
+        PolicyTool.rb.getString("Principal.Name.");
 
     /* more popu menus */
     public static final String PERM_NAME        =
         PolicyTool.rb.getString
-        ("Target Name:                                                    ");
+        ("Target.Name.");
 
     /* and more popup menus */
     public static final String PERM_ACTIONS             =
       PolicyTool.rb.getString
-      ("Actions:                                                             ");
+      ("Actions.");
 
     /* gridbag index for display OverWriteFile (OW) components */
     public static final int OW_LABEL                    = 0;
@@ -1540,7 +1534,7 @@
 
         // ask the user if they want to over write the existing file
         MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                ("OK to overwrite existing file filename?"));
+                ("OK.to.overwrite.existing.file.filename."));
         Object[] source = {filename};
         Label label = new Label(form.format(source));
         tw.addNewComponent(this, label, OW_LABEL,
@@ -1584,12 +1578,12 @@
         PolicyEntry entries[] = null;
         TaggedList prinList = new TaggedList(3, false);
         prinList.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Principal List"));
+                PolicyTool.rb.getString("Principal.List"));
         prinList.addActionListener
                 (new EditPrinButtonListener(tool, tw, this, edit));
         TaggedList permList = new TaggedList(10, false);
         permList.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Permission List"));
+                PolicyTool.rb.getString("Permission.List"));
         permList.addActionListener
                 (new EditPermButtonListener(tool, tw, this, edit));
 
@@ -1627,7 +1621,7 @@
         }
 
         // codebase label and textfield
-        Label label = new Label(PolicyTool.rb.getString("CodeBase:"));
+        Label label = new Label(PolicyTool.rb.getString("CodeBase."));
         tw.addNewComponent(this, label, PE_CODEBASE_LABEL,
                 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH);
         TextField tf;
@@ -1635,19 +1629,19 @@
                 new TextField(entries[listIndex].getGrantEntry().codeBase, 60) :
                 new TextField(60));
         tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Code Base"));
+                PolicyTool.rb.getString("Code.Base"));
         tw.addNewComponent(this, tf, PE_CODEBASE_TEXTFIELD,
                 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH);
 
         // signedby label and textfield
-        label = new Label(PolicyTool.rb.getString("SignedBy:"));
+        label = new Label(PolicyTool.rb.getString("SignedBy."));
         tw.addNewComponent(this, label, PE_SIGNEDBY_LABEL,
                            0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH);
         tf = (edit ?
                 new TextField(entries[listIndex].getGrantEntry().signedBy, 60) :
                 new TextField(60));
         tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Signed By:"));
+                PolicyTool.rb.getString("Signed.By."));
         tw.addNewComponent(this, tf, PE_SIGNEDBY_TEXTFIELD,
                            1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH);
 
@@ -1655,19 +1649,19 @@
         Panel panel = new Panel();
         panel.setLayout(new GridBagLayout());
 
-        Button button = new Button(PolicyTool.rb.getString("Add Principal"));
+        Button button = new Button(PolicyTool.rb.getString("Add.Principal"));
         button.addActionListener
                 (new AddPrinButtonListener(tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_ADD_PRIN_BUTTON,
                 0, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL);
 
-        button = new Button(PolicyTool.rb.getString("Edit Principal"));
+        button = new Button(PolicyTool.rb.getString("Edit.Principal"));
         button.addActionListener(new EditPrinButtonListener
                                                 (tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_EDIT_PRIN_BUTTON,
                 1, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL);
 
-        button = new Button(PolicyTool.rb.getString("Remove Principal"));
+        button = new Button(PolicyTool.rb.getString("Remove.Principal"));
         button.addActionListener(new RemovePrinButtonListener
                                         (tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_REMOVE_PRIN_BUTTON,
@@ -1677,7 +1671,7 @@
                 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.HORIZONTAL);
 
         // principal label and list
-        label = new Label(PolicyTool.rb.getString("Principals:"));
+        label = new Label(PolicyTool.rb.getString("Principals."));
         tw.addNewComponent(this, label, PE_PRIN_LABEL,
                            0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.BOTTOM_PADDING);
@@ -1689,20 +1683,20 @@
         panel = new Panel();
         panel.setLayout(new GridBagLayout());
 
-        button = new Button(PolicyTool.rb.getString("  Add Permission"));
+        button = new Button(PolicyTool.rb.getString(".Add.Permission"));
         button.addActionListener(new AddPermButtonListener
                                                 (tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_ADD_PERM_BUTTON,
                 0, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL);
 
-        button = new Button(PolicyTool.rb.getString("  Edit Permission"));
+        button = new Button(PolicyTool.rb.getString(".Edit.Permission"));
         button.addActionListener(new EditPermButtonListener
                                                 (tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_EDIT_PERM_BUTTON,
                 1, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL);
 
 
-        button = new Button(PolicyTool.rb.getString("Remove Permission"));
+        button = new Button(PolicyTool.rb.getString("Remove.Permission"));
         button.addActionListener(new RemovePermButtonListener
                                         (tool, tw, this, edit));
         tw.addNewComponent(panel, button, PE_REMOVE_PERM_BUTTON,
@@ -1808,7 +1802,7 @@
 
             // KeyStore label and textfield
             Label label = new Label
-                        (PolicyTool.rb.getString("KeyStore URL:"));
+                        (PolicyTool.rb.getString("KeyStore.URL."));
             tw.addNewComponent(this, label, KSD_NAME_LABEL,
                                0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
@@ -1816,45 +1810,45 @@
 
             // URL to U R L, so that accessibility reader will pronounce well
             tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("KeyStore U R L:"));
+                PolicyTool.rb.getString("KeyStore.U.R.L."));
             tw.addNewComponent(this, tf, KSD_NAME_TEXTFIELD,
                                1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
 
             // KeyStore type and textfield
-            label = new Label(PolicyTool.rb.getString("KeyStore Type:"));
+            label = new Label(PolicyTool.rb.getString("KeyStore.Type."));
             tw.addNewComponent(this, label, KSD_TYPE_LABEL,
                                0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
             tf = new TextField(tool.getKeyStoreType(), 30);
             tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("KeyStore Type:"));
+                PolicyTool.rb.getString("KeyStore.Type."));
             tw.addNewComponent(this, tf, KSD_TYPE_TEXTFIELD,
                                1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
 
             // KeyStore provider and textfield
             label = new Label(PolicyTool.rb.getString
-                                ("KeyStore Provider:"));
+                                ("KeyStore.Provider."));
             tw.addNewComponent(this, label, KSD_PROVIDER_LABEL,
                                0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
             tf = new TextField(tool.getKeyStoreProvider(), 30);
             tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("KeyStore Provider:"));
+                PolicyTool.rb.getString("KeyStore.Provider."));
             tw.addNewComponent(this, tf, KSD_PROVIDER_TEXTFIELD,
                                1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
 
             // KeyStore password URL and textfield
             label = new Label(PolicyTool.rb.getString
-                                ("KeyStore Password URL:"));
+                                ("KeyStore.Password.URL."));
             tw.addNewComponent(this, label, KSD_PWD_URL_LABEL,
                                0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
             tf = new TextField(tool.getKeyStorePwdURL(), 30);
             tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("KeyStore Password U R L:"));
+                PolicyTool.rb.getString("KeyStore.Password.U.R.L."));
             tw.addNewComponent(this, tf, KSD_PWD_URL_TEXTFIELD,
                                1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.BOTTOM_PADDING);
@@ -1909,8 +1903,8 @@
 
         // description label
         Label label = (edit ?
-                new Label(PolicyTool.rb.getString("  Edit Principal:")) :
-                new Label(PolicyTool.rb.getString("  Add New Principal:")));
+                new Label(PolicyTool.rb.getString(".Edit.Principal.")) :
+                new Label(PolicyTool.rb.getString(".Add.New.Principal.")));
         tw.addNewComponent(newTD, label, PRD_DESC_LABEL,
                            0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.TOP_BOTTOM_PADDING);
@@ -2016,8 +2010,8 @@
 
         // description label
         Label label = (edit ?
-                new Label(PolicyTool.rb.getString("  Edit Permission:")) :
-                new Label(PolicyTool.rb.getString("  Add New Permission:")));
+                new Label(PolicyTool.rb.getString(".Edit.Permission.")) :
+                new Label(PolicyTool.rb.getString(".Add.New.Permission.")));
         tw.addNewComponent(newTD, label, PD_DESC_LABEL,
                            0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.TOP_BOTTOM_PADDING);
@@ -2084,13 +2078,13 @@
                            tw.LR_PADDING);
 
         // signedby label and textfield
-        label = new Label(PolicyTool.rb.getString("Signed By:"));
+        label = new Label(PolicyTool.rb.getString("Signed.By."));
         tw.addNewComponent(newTD, label, PD_SIGNEDBY_LABEL,
                            0, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.LR_PADDING);
         tf = (edit ? new TextField(editMe.signedBy, 40) : new TextField(40));
         tf.getAccessibleContext().setAccessibleName(
-                PolicyTool.rb.getString("Signed By:"));
+                PolicyTool.rb.getString("Signed.By."));
         tw.addNewComponent(newTD, tf, PD_SIGNEDBY_TEXTFIELD,
                            1, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.LR_PADDING);
@@ -2135,12 +2129,10 @@
         if ((pclass.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS)) &&
             (!pname.equals(PolicyParser.PrincipalEntry.WILDCARD_NAME))) {
             throw new Exception
-                        (PolicyTool.rb.getString("Cannot Specify Principal " +
-                        "with a Wildcard Class without a Wildcard Name"));
+                        (PolicyTool.rb.getString("Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name"));
         } else if (pname.equals("")) {
             throw new Exception
-                        (PolicyTool.rb.getString("Cannot Specify Principal " +
-                        "without a Name"));
+                        (PolicyTool.rb.getString("Cannot.Specify.Principal.without.a.Name"));
         } else if (pclass.equals("")) {
             // make this consistent with what PolicyParser does
             // when it sees an empty principal class
@@ -2188,7 +2180,7 @@
         if (permission.equals("") ||
             (!permission.equals(ALL_PERM_CLASS) && name == null)) {
             throw new InvalidParameterException(PolicyTool.rb.getString
-                ("Permission and Target Name must have a value"));
+                ("Permission.and.Target.Name.must.have.a.value"));
         }
 
         // When the permission is FilePermission, we need to check the name
@@ -2205,12 +2197,7 @@
             char result = tw.displayYesNoDialog(this,
                     PolicyTool.rb.getString("Warning"),
                     PolicyTool.rb.getString(
-                        "Warning: File name may include escaped backslash characters. " +
-                        "It is not necessary to escape backslash characters " +
-                        "(the tool escapes characters as necessary when writing " +
-                        "the policy contents to the persistent store).\n\n" +
-                        "Click on Retain to retain the entered name, or click on " +
-                        "Edit to edit the name."),
+                        "Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes"),
                     PolicyTool.rb.getString("Retain"),
                     PolicyTool.rb.getString("Edit")
                     );
@@ -2244,9 +2231,7 @@
                     if (pubKey == null) {
                         MessageFormat form = new MessageFormat
                             (PolicyTool.rb.getString
-                            ("Warning: A public key for alias " +
-                            "'signers[i]' does not exist.  " +
-                            "Make sure a KeyStore is properly configured."));
+                            ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
                         Object[] source = {signers[i]};
                         tool.warnings.addElement(form.format(source));
                         tw.displayStatusDialog(this, form.format(source));
@@ -2276,7 +2261,7 @@
 
         // ask the user do they really want to do this?
         Label label = new Label
-                (PolicyTool.rb.getString("Remove this Policy Entry?"));
+                (PolicyTool.rb.getString("Remove.this.Policy.Entry."));
         tw.addNewComponent(this, label, CRPE_LABEL1,
                            0, 0, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                            tw.BOTTOM_PADDING);
@@ -2340,7 +2325,7 @@
 
         // pop up a dialog box for the user to enter a filename.
         FileDialog fd = new FileDialog
-                (tw, PolicyTool.rb.getString("Save As"), FileDialog.SAVE);
+                (tw, PolicyTool.rb.getString("Save.As"), FileDialog.SAVE);
         fd.addWindowListener(new WindowAdapter() {
             public void windowClosing(WindowEvent e) {
                 e.getWindow().setVisible(false);
@@ -2362,7 +2347,7 @@
         if (saveAsFile.exists()) {
             // display a dialog box for the user to enter policy info
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Overwrite File"), tool, tw, true);
+                (PolicyTool.rb.getString("Overwrite.File"), tool, tw, true);
             td.displayOverWriteFileDialog(filename, nextEvent);
         } else {
             try {
@@ -2371,7 +2356,7 @@
 
                 // display status
                 MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                        ("Policy successfully written to filename"));
+                        ("Policy.successfully.written.to.filename"));
                 Object[] source = {filename};
                 tw.displayStatusDialog(null, form.format(source));
 
@@ -2388,7 +2373,7 @@
             } catch (FileNotFoundException fnfe) {
                 if (filename == null || filename.equals("")) {
                     tw.displayErrorDialog(null, new FileNotFoundException
-                                (PolicyTool.rb.getString("null filename")));
+                                (PolicyTool.rb.getString("null.filename")));
                 } else {
                     tw.displayErrorDialog(null, fnfe);
                 }
@@ -2411,7 +2396,7 @@
             setLayout(new GridBagLayout());
 
             Label label = new Label
-                (PolicyTool.rb.getString("Save changes?"));
+                (PolicyTool.rb.getString("Save.changes."));
             tw.addNewComponent(this, label, USC_LABEL,
                                0, 0, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH,
                                tw.L_TOP_BOTTOM_PADDING);
@@ -2535,9 +2520,7 @@
                 // inform user of warnings
                 if (tool.newWarning == true) {
                     tw.displayStatusDialog(null, PolicyTool.rb.getString
-                        ("Errors have occurred while opening the " +
-                        "policy configuration.  View the Warning Log " +
-                        "for more information."));
+                        ("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information."));
                 }
 
             } catch (Exception e) {
@@ -2556,7 +2539,7 @@
 
                 // display the error
                 MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                    ("Could not open policy file: policyFile: e.toString()"));
+                    ("Could.not.open.policy.file.policyFile.e.toString."));
                 Object[] source = {policyFile, e.toString()};
                 tw.displayErrorDialog(null, form.format(source));
             }
@@ -2708,7 +2691,7 @@
 
         // display the permission list for a policy entry
         ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Policy Entry"), tool, tw, true);
+                (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true);
         td.displayPolicyEntryDialog(true);
     }
 }
@@ -2732,7 +2715,7 @@
 
             // ask user if they want to save changes
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Save Changes"), tool, tw, true);
+                (PolicyTool.rb.getString("Save.Changes"), tool, tw, true);
             td.displayUserSave(td.QUIT);
 
             // the above method will perform the QUIT as long as the
@@ -2743,7 +2726,7 @@
 
             // ask user if they want to save changes
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Save Changes"), tool, tw, true);
+                (PolicyTool.rb.getString("Save.Changes"), tool, tw, true);
             td.displayUserSave(td.NEW);
 
             // the above method will perform the NEW as long as the
@@ -2754,7 +2737,7 @@
 
             // ask user if they want to save changes
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Save Changes"), tool, tw, true);
+                (PolicyTool.rb.getString("Save.Changes"), tool, tw, true);
             td.displayUserSave(td.OPEN);
 
             // the above method will perform the OPEN as long as the
@@ -2771,7 +2754,7 @@
             if (filename == null || filename.length() == 0) {
                 // user wants to SAVE AS
                 ToolDialog td = new ToolDialog
-                        (PolicyTool.rb.getString("Save As"), tool, tw, true);
+                        (PolicyTool.rb.getString("Save.As"), tool, tw, true);
                 td.displaySaveAsDialog(td.NOACTION);
             } else {
                 try {
@@ -2781,13 +2764,13 @@
                     // display status
                     MessageFormat form = new MessageFormat
                         (PolicyTool.rb.getString
-                        ("Policy successfully written to filename"));
+                        ("Policy.successfully.written.to.filename"));
                     Object[] source = {filename};
                     tw.displayStatusDialog(null, form.format(source));
                 } catch (FileNotFoundException fnfe) {
                     if (filename == null || filename.equals("")) {
                         tw.displayErrorDialog(null, new FileNotFoundException
-                                (PolicyTool.rb.getString("null filename")));
+                                (PolicyTool.rb.getString("null.filename")));
                     } else {
                         tw.displayErrorDialog(null, fnfe);
                     }
@@ -2800,7 +2783,7 @@
 
             // user wants to SAVE AS
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Save As"), tool, tw, true);
+                (PolicyTool.rb.getString("Save.As"), tool, tw, true);
             td.displaySaveAsDialog(td.NOACTION);
 
         } else if (PolicyTool.collator.compare(e.getActionCommand(),
@@ -2830,7 +2813,7 @@
 
             // display a dialog box for the user to enter policy info
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Policy Entry"), tool, tw, true);
+                (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true);
             td.displayPolicyEntryDialog(false);
 
         } else if (PolicyTool.collator.compare(e.getActionCommand(),
@@ -2841,13 +2824,13 @@
             int index = list.getSelectedIndex();
             if (index < 0) {
                 tw.displayErrorDialog(null, new Exception
-                        (PolicyTool.rb.getString("No Policy Entry selected")));
+                        (PolicyTool.rb.getString("No.Policy.Entry.selected")));
                 return;
             }
 
             // ask the user if they really want to remove the policy entry
             ToolDialog td = new ToolDialog(PolicyTool.rb.getString
-                ("Remove Policy Entry"), tool, tw, true);
+                ("Remove.Policy.Entry"), tool, tw, true);
             td.displayConfirmRemovePolicyEntry();
 
         } else if (PolicyTool.collator.compare(e.getActionCommand(),
@@ -2858,13 +2841,13 @@
             int index = list.getSelectedIndex();
             if (index < 0) {
                 tw.displayErrorDialog(null, new Exception
-                        (PolicyTool.rb.getString("No Policy Entry selected")));
+                        (PolicyTool.rb.getString("No.Policy.Entry.selected")));
                 return;
             }
 
             // display the permission list for a policy entry
             ToolDialog td = new ToolDialog
-                (PolicyTool.rb.getString("Policy Entry"), tool, tw, true);
+                (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true);
             td.displayPolicyEntryDialog(true);
 
         } else if (PolicyTool.collator.compare(e.getActionCommand(),
@@ -2906,7 +2889,7 @@
             // display status
             MessageFormat form = new MessageFormat
                 (PolicyTool.rb.getString
-                ("Policy successfully written to filename"));
+                ("Policy.successfully.written.to.filename"));
             Object[] source = {filename};
             tw.displayStatusDialog(null, form.format(source));
 
@@ -2925,7 +2908,7 @@
         } catch (FileNotFoundException fnfe) {
             if (filename == null || filename.equals("")) {
                 tw.displayErrorDialog(null, new FileNotFoundException
-                                (PolicyTool.rb.getString("null filename")));
+                                (PolicyTool.rb.getString("null.filename")));
             } else {
                 tw.displayErrorDialog(null, fnfe);
             }
@@ -2977,9 +2960,7 @@
                     if (pubKey == null) {
                         MessageFormat form = new MessageFormat
                             (PolicyTool.rb.getString
-                            ("Warning: A public key for alias " +
-                            "'signers[i]' does not exist.  " +
-                            "Make sure a KeyStore is properly configured."));
+                            ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
                         Object[] source = {signers[i]};
                         tool.warnings.addElement(form.format(source));
                         tw.displayStatusDialog(td, form.format(source));
@@ -3047,7 +3028,7 @@
             tool.modified = true;
         } catch (Exception ex) {
             MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                ("Unable to open KeyStore: ex.toString()"));
+                ("Unable.to.open.KeyStore.ex.toString."));
             Object[] source = {ex.toString()};
             tw.displayErrorDialog(td, form.format(source));
             return;
@@ -3143,7 +3124,7 @@
                 } catch (ClassNotFoundException cnfe) {
                     MessageFormat form = new MessageFormat
                                 (PolicyTool.rb.getString
-                                ("Warning: Class not found: class"));
+                                ("Warning.Class.not.found.class"));
                     Object[] source = {pppe.getPrincipalClass()};
                     tool.warnings.addElement(form.format(source));
                     tw.displayStatusDialog(infoDialog, form.format(source));
@@ -3204,7 +3185,7 @@
                 tool.verifyPermission(pppe.permission, pppe.name, pppe.action);
             } catch (ClassNotFoundException cnfe) {
                 MessageFormat form = new MessageFormat(PolicyTool.rb.getString
-                                ("Warning: Class not found: class"));
+                                ("Warning.Class.not.found.class"));
                 Object[] source = {pppe.permission};
                 tool.warnings.addElement(form.format(source));
                 tw.displayStatusDialog(infoDialog, form.format(source));
@@ -3259,7 +3240,7 @@
 
         if (prinIndex < 0) {
             tw.displayErrorDialog(td, new Exception
-                (PolicyTool.rb.getString("No principal selected")));
+                (PolicyTool.rb.getString("No.principal.selected")));
             return;
         }
         // remove the principal from the display
@@ -3293,7 +3274,7 @@
 
         if (permIndex < 0) {
             tw.displayErrorDialog(td, new Exception
-                (PolicyTool.rb.getString("No permission selected")));
+                (PolicyTool.rb.getString("No.permission.selected")));
             return;
         }
         // remove the permission from the display
@@ -3334,7 +3315,7 @@
 
         if (prinIndex < 0) {
             tw.displayErrorDialog(td, new Exception
-                (PolicyTool.rb.getString("No principal selected")));
+                (PolicyTool.rb.getString("No.principal.selected")));
             return;
         }
         td.displayPrincipalDialog(editPolicyEntry, true);
@@ -3373,7 +3354,7 @@
 
         if (permIndex < 0) {
             tw.displayErrorDialog(td, new Exception
-                (PolicyTool.rb.getString("No permission selected")));
+                (PolicyTool.rb.getString("No.permission.selected")));
             return;
         }
         td.displayPermissionDialog(editPolicyEntry, true);
@@ -3668,7 +3649,7 @@
                 // display status
                 MessageFormat form = new MessageFormat
                         (PolicyTool.rb.getString
-                        ("Policy successfully written to filename"));
+                        ("Policy.successfully.written.to.filename"));
                 Object[] source = {filename};
                 tw.displayStatusDialog(null, form.format(source));
 
@@ -3900,7 +3881,7 @@
                 "getLoginConfiguration",
                 "setLoginConfiguration",
                 "createLoginConfiguration.<" +
-                        PolicyTool.rb.getString("configuration type") + ">",
+                        PolicyTool.rb.getString("configuration.type") + ">",
                 "refreshLoginConfiguration"
                 },
         null);
@@ -4117,7 +4098,7 @@
                 "setSecurityManager",
                 "createSecurityManager",
                 "getenv.<" +
-                    PolicyTool.rb.getString("environment variable name") + ">",
+                    PolicyTool.rb.getString("environment.variable.name") + ">",
                 "exitVM",
                 "shutdownHooks",
                 "setFactory",
@@ -4129,11 +4110,11 @@
                 "readFileDescriptor",
                 "writeFileDescriptor",
                 "loadLibrary.<" +
-                    PolicyTool.rb.getString("library name") + ">",
+                    PolicyTool.rb.getString("library.name") + ">",
                 "accessClassInPackage.<" +
-                    PolicyTool.rb.getString("package name")+">",
+                    PolicyTool.rb.getString("package.name")+">",
                 "defineClassInPackage.<" +
-                    PolicyTool.rb.getString("package name")+">",
+                    PolicyTool.rb.getString("package.name")+">",
                 "accessDeclaredMembers",
                 "queuePrintJob",
                 "getStackTrace",
@@ -4156,15 +4137,15 @@
                 "getPolicy",
                 "setPolicy",
                 "createPolicy.<" +
-                    PolicyTool.rb.getString("policy type") + ">",
+                    PolicyTool.rb.getString("policy.type") + ">",
                 "getProperty.<" +
-                    PolicyTool.rb.getString("property name") + ">",
+                    PolicyTool.rb.getString("property.name") + ">",
                 "setProperty.<" +
-                    PolicyTool.rb.getString("property name") + ">",
+                    PolicyTool.rb.getString("property.name") + ">",
                 "insertProvider.<" +
-                    PolicyTool.rb.getString("provider name") + ">",
+                    PolicyTool.rb.getString("provider.name") + ">",
                 "removeProvider.<" +
-                    PolicyTool.rb.getString("provider name") + ">",
+                    PolicyTool.rb.getString("provider.name") + ">",
                 //"setSystemScope",
                 //"setIdentityPublicKey",
                 //"setIdentityInfo",
@@ -4172,11 +4153,11 @@
                 //"removeIdentityCertificate",
                 //"printIdentity",
                 "clearProviderProperties.<" +
-                    PolicyTool.rb.getString("provider name") + ">",
+                    PolicyTool.rb.getString("provider.name") + ">",
                 "putProviderProperty.<" +
-                    PolicyTool.rb.getString("provider name") + ">",
+                    PolicyTool.rb.getString("provider.name") + ">",
                 "removeProviderProperty.<" +
-                    PolicyTool.rb.getString("provider name") + ">",
+                    PolicyTool.rb.getString("provider.name") + ">",
                 //"getSignerPrivateKey",
                 //"setSignerKeyPair"
                 },
--- a/src/share/classes/sun/security/util/AuthResources.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/util/AuthResources.java	Thu Nov 11 15:51:12 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,103 +40,103 @@
     private static final Object[][] contents = {
 
         // NT principals
-        {"invalid null input: value", "invalid null input: {0}"},
-        {"NTDomainPrincipal: name", "NTDomainPrincipal: {0}"},
-        {"NTNumericCredential: name", "NTNumericCredential: {0}"},
-        {"Invalid NTSid value", "Invalid NTSid value"},
-        {"NTSid: name", "NTSid: {0}"},
-        {"NTSidDomainPrincipal: name", "NTSidDomainPrincipal: {0}"},
-        {"NTSidGroupPrincipal: name", "NTSidGroupPrincipal: {0}"},
-        {"NTSidPrimaryGroupPrincipal: name", "NTSidPrimaryGroupPrincipal: {0}"},
-        {"NTSidUserPrincipal: name", "NTSidUserPrincipal: {0}"},
-        {"NTUserPrincipal: name", "NTUserPrincipal: {0}"},
+        {"invalid.null.input.value", "invalid null input: {0}"},
+        {"NTDomainPrincipal.name", "NTDomainPrincipal: {0}"},
+        {"NTNumericCredential.name", "NTNumericCredential: {0}"},
+        {"Invalid.NTSid.value", "Invalid NTSid value"},
+        {"NTSid.name", "NTSid: {0}"},
+        {"NTSidDomainPrincipal.name", "NTSidDomainPrincipal: {0}"},
+        {"NTSidGroupPrincipal.name", "NTSidGroupPrincipal: {0}"},
+        {"NTSidPrimaryGroupPrincipal.name", "NTSidPrimaryGroupPrincipal: {0}"},
+        {"NTSidUserPrincipal.name", "NTSidUserPrincipal: {0}"},
+        {"NTUserPrincipal.name", "NTUserPrincipal: {0}"},
 
         // UnixPrincipals
-        {"UnixNumericGroupPrincipal [Primary Group]: name",
+        {"UnixNumericGroupPrincipal.Primary.Group.name",
                 "UnixNumericGroupPrincipal [Primary Group]: {0}"},
-        {"UnixNumericGroupPrincipal [Supplementary Group]: name",
+        {"UnixNumericGroupPrincipal.Supplementary.Group.name",
                 "UnixNumericGroupPrincipal [Supplementary Group]: {0}"},
-        {"UnixNumericUserPrincipal: name", "UnixNumericUserPrincipal: {0}"},
-        {"UnixPrincipal: name", "UnixPrincipal: {0}"},
+        {"UnixNumericUserPrincipal.name", "UnixNumericUserPrincipal: {0}"},
+        {"UnixPrincipal.name", "UnixPrincipal: {0}"},
 
         // com.sun.security.auth.login.ConfigFile
-        {"Unable to properly expand config", "Unable to properly expand {0}"},
-        {"extra_config (No such file or directory)",
+        {"Unable.to.properly.expand.config", "Unable to properly expand {0}"},
+        {"extra.config.No.such.file.or.directory.",
                 "{0} (No such file or directory)"},
-        {"Configuration Error:\n\tNo such file or directory",
+        {"Configuration.Error.No.such.file.or.directory",
                 "Configuration Error:\n\tNo such file or directory"},
-        {"Configuration Error:\n\tInvalid control flag, flag",
+        {"Configuration.Error.Invalid.control.flag.flag",
                 "Configuration Error:\n\tInvalid control flag, {0}"},
-        {"Configuration Error:\n\tCan not specify multiple entries for appName",
+        {"Configuration.Error.Can.not.specify.multiple.entries.for.appName",
             "Configuration Error:\n\tCan not specify multiple entries for {0}"},
-        {"Configuration Error:\n\texpected [expect], read [end of file]",
+        {"Configuration.Error.expected.expect.read.end.of.file.",
                 "Configuration Error:\n\texpected [{0}], read [end of file]"},
-        {"Configuration Error:\n\tLine line: expected [expect], found [value]",
+        {"Configuration.Error.Line.line.expected.expect.found.value.",
             "Configuration Error:\n\tLine {0}: expected [{1}], found [{2}]"},
-        {"Configuration Error:\n\tLine line: expected [expect]",
+        {"Configuration.Error.Line.line.expected.expect.",
             "Configuration Error:\n\tLine {0}: expected [{1}]"},
-        {"Configuration Error:\n\tLine line: system property [value] expanded to empty value",
+        {"Configuration.Error.Line.line.system.property.value.expanded.to.empty.value",
             "Configuration Error:\n\tLine {0}: system property [{1}] expanded to empty value"},
 
         // com.sun.security.auth.module.JndiLoginModule
-        {"username: ","username: "},
-        {"password: ","password: "},
+        {"username.","username: "},
+        {"password.","password: "},
 
         // com.sun.security.auth.module.KeyStoreLoginModule
-        {"Please enter keystore information",
+        {"Please.enter.keystore.information",
                 "Please enter keystore information"},
-        {"Keystore alias: ","Keystore alias: "},
-        {"Keystore password: ","Keystore password: "},
-        {"Private key password (optional): ",
+        {"Keystore.alias.","Keystore alias: "},
+        {"Keystore.password.","Keystore password: "},
+        {"Private.key.password.optional.",
             "Private key password (optional): "},
 
         // com.sun.security.auth.module.Krb5LoginModule
-        {"Kerberos username [[defUsername]]: ",
+        {"Kerberos.username.defUsername.",
                 "Kerberos username [{0}]: "},
-        {"Kerberos password for [username]: ",
+        {"Kerberos.password.for.username.",
                 "Kerberos password for {0}: "},
 
         /***    EVERYTHING BELOW IS DEPRECATED  ***/
 
         // com.sun.security.auth.PolicyFile
-        {": error parsing ", ": error parsing "},
-        {": ", ": "},
-        {": error adding Permission ", ": error adding Permission "},
-        {" ", " "},
-        {": error adding Entry ", ": error adding Entry "},
-        {"(", "("},
-        {")", ")"},
-        {"attempt to add a Permission to a readonly PermissionCollection",
+        {".error.parsing.", ": error parsing "},
+        {"COLON", ": "},
+        {".error.adding.Permission.", ": error adding Permission "},
+        {"SPACE", " "},
+        {".error.adding.Entry.", ": error adding Entry "},
+        {"LPARAM", "("},
+        {"RPARAM", ")"},
+        {"attempt.to.add.a.Permission.to.a.readonly.PermissionCollection",
             "attempt to add a Permission to a readonly PermissionCollection"},
 
         // com.sun.security.auth.PolicyParser
-        {"expected keystore type", "expected keystore type"},
-        {"can not specify Principal with a ",
+        {"expected.keystore.type", "expected keystore type"},
+        {"can.not.specify.Principal.with.a.",
                 "can not specify Principal with a "},
-        {"wildcard class without a wildcard name",
+        {"wildcard.class.without.a.wildcard.name",
                 "wildcard class without a wildcard name"},
-        {"expected codeBase or SignedBy", "expected codeBase or SignedBy"},
-        {"only Principal-based grant entries permitted",
+        {"expected.codeBase.or.SignedBy", "expected codeBase or SignedBy"},
+        {"only.Principal.based.grant.entries.permitted",
                 "only Principal-based grant entries permitted"},
-        {"expected permission entry", "expected permission entry"},
-        {"number ", "number "},
-        {"expected ", "expected "},
-        {", read end of file", ", read end of file"},
-        {"expected ';', read end of file", "expected ';', read end of file"},
-        {"line ", "line "},
-        {": expected '", ": expected '"},
-        {"', found '", "', found '"},
-        {"'", "'"},
+        {"expected.permission.entry", "expected permission entry"},
+        {"number.", "number "},
+        {"expected.", "expected "},
+        {".read.end.of.file", ", read end of file"},
+        {"expected.read.end.of.file", "expected ';', read end of file"},
+        {"line.", "line "},
+        {".expected.", ": expected '"},
+        {".found.", "', found '"},
+        {"QUOTE", "'"},
 
         // SolarisPrincipals
-        {"SolarisNumericGroupPrincipal [Primary Group]: ",
+        {"SolarisNumericGroupPrincipal.Primary.Group.",
                 "SolarisNumericGroupPrincipal [Primary Group]: "},
-        {"SolarisNumericGroupPrincipal [Supplementary Group]: ",
+        {"SolarisNumericGroupPrincipal.Supplementary.Group.",
                 "SolarisNumericGroupPrincipal [Supplementary Group]: "},
-        {"SolarisNumericUserPrincipal: ",
+        {"SolarisNumericUserPrincipal.",
                 "SolarisNumericUserPrincipal: "},
-        {"SolarisPrincipal: ", "SolarisPrincipal: "},
-        {"provided null name", "provided null name"}
+        {"SolarisPrincipal.", "SolarisPrincipal: "},
+        {"provided.null.name", "provided null name"}
 
     };
 
--- a/src/share/classes/sun/security/util/Resources.java	Tue Nov 09 18:57:12 2010 +0000
+++ b/src/share/classes/sun/security/util/Resources.java	Thu Nov 11 15:51:12 2010 +0800
@@ -35,434 +35,428 @@
     private static final Object[][] contents = {
 
         // shared (from jarsigner)
-        {" ", " "},
-        {"  ", "  "},
-        {"      ", "      "},
-        {", ", ", "},
+        {"SPACE", " "},
+        {"2SPACE", "  "},
+        {"6SPACE", "      "},
+        {"COMMA", ", "},
         // shared (from keytool)
-        {"\n", "\n"},
-        {"*******************************************",
+        {"NEWLINE", "\n"},
+        {"STAR",
                 "*******************************************"},
-        {"*******************************************\n\n",
+        {"STARNN",
                 "*******************************************\n\n"},
 
         // keytool: Help part
-        {" [OPTION]...", " [OPTION]..."},
-        {"Options:", "Options:"},
-        {"Use \"keytool -help\" for all available commands",
+        {".OPTION.", " [OPTION]..."},
+        {"Options.", "Options:"},
+        {"Use.keytool.help.for.all.available.commands",
                  "Use \"keytool -help\" for all available commands"},
-        {"Key and Certificate Management Tool",
+        {"Key.and.Certificate.Management.Tool",
                  "Key and Certificate Management Tool"},
-        {"Commands:", "Commands:"},
-        {"Use \"keytool -command_name -help\" for usage of command_name",
+        {"Commands.", "Commands:"},
+        {"Use.keytool.command.name.help.for.usage.of.command.name",
                 "Use \"keytool -command_name -help\" for usage of command_name"},
         // keytool: help: commands
-        {"Generates a certificate request",
+        {"Generates.a.certificate.request",
                 "Generates a certificate request"}, //-certreq
-        {"Changes an entry's alias",
+        {"Changes.an.entry.s.alias",
                 "Changes an entry's alias"}, //-changealias
-        {"Deletes an entry",
+        {"Deletes.an.entry",
                 "Deletes an entry"}, //-delete
-        {"Exports certificate",
+        {"Exports.certificate",
                 "Exports certificate"}, //-exportcert
-        {"Generates a key pair",
+        {"Generates.a.key.pair",
                 "Generates a key pair"}, //-genkeypair
-        {"Generates a secret key",
+        {"Generates.a.secret.key",
                 "Generates a secret key"}, //-genseckey
-        {"Generates certificate from a certificate request",
+        {"Generates.certificate.from.a.certificate.request",
                 "Generates certificate from a certificate request"}, //-gencert
-        {"Generates CRL", "Generates CRL"}, //-gencrl
-        {"Imports entries from a JDK 1.1.x-style identity database",
+        {"Generates.CRL", "Generates CRL"}, //-gencrl
+        {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
                 "Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb
-        {"Imports a certificate or a certificate chain",
+        {"Imports.a.certificate.or.a.certificate.chain",
                 "Imports a certificate or a certificate chain"}, //-importcert
-        {"Imports one or all entries from another keystore",
+        {"Imports.one.or.all.entries.from.another.keystore",
                 "Imports one or all entries from another keystore"}, //-importkeystore
-        {"Clones a key entry",
+        {"Clones.a.key.entry",
                 "Clones a key entry"}, //-keyclone
-        {"Changes the key password of an entry",
+        {"Changes.the.key.password.of.an.entry",
                 "Changes the key password of an entry"}, //-keypasswd
-        {"Lists entries in a keystore",
+        {"Lists.entries.in.a.keystore",
                 "Lists entries in a keystore"}, //-list
-        {"Prints the content of a certificate",
+        {"Prints.the.content.of.a.certificate",
                 "Prints the content of a certificate"}, //-printcert
-        {"Prints the content of a certificate request",
+        {"Prints.the.content.of.a.certificate.request",
                 "Prints the content of a certificate request"}, //-printcertreq
-        {"Prints the content of a CRL file",
+        {"Prints.the.content.of.a.CRL.file",
                 "Prints the content of a CRL file"}, //-printcrl
-        {"Generates a self-signed certificate",
+        {"Generates.a.self.signed.certificate",
                 "Generates a self-signed certificate"}, //-selfcert
-        {"Changes the store password of a keystore",
+        {"Changes.the.store.password.of.a.keystore",
                 "Changes the store password of a keystore"}, //-storepasswd
         // keytool: help: options
-        {"alias name of the entry to process",
+        {"alias.name.of.the.entry.to.process",
                 "alias name of the entry to process"}, //-alias
-        {"destination alias",
+        {"destination.alias",
                 "destination alias"}, //-destalias
-        {"destination key password",
+        {"destination.key.password",
                 "destination key password"}, //-destkeypass
-        {"destination keystore name",
+        {"destination.keystore.name",
                 "destination keystore name"}, //-destkeystore
-        {"destination keystore password protected",
+        {"destination.keystore.password.protected",
                 "destination keystore password protected"}, //-destprotected
-        {"destination keystore provider name",
+        {"destination.keystore.provider.name",
                 "destination keystore provider name"}, //-destprovidername
-        {"destination keystore password",
+        {"destination.keystore.password",
                 "destination keystore password"}, //-deststorepass
-        {"destination keystore type",
+        {"destination.keystore.type",
                 "destination keystore type"}, //-deststoretype
-        {"distinguished name",
+        {"distinguished.name",
                 "distinguished name"}, //-dname
-        {"X.509 extension",
+        {"X.509.extension",
                 "X.509 extension"}, //-ext
-        {"output file name",
+        {"output.file.name",
                 "output file name"}, //-file and -outfile
-        {"input file name",
+        {"input.file.name",
                 "input file name"}, //-file and -infile
-        {"key algorithm name",
+        {"key.algorithm.name",
                 "key algorithm name"}, //-keyalg
-        {"key password",
+        {"key.password",
                 "key password"}, //-keypass
-        {"key bit size",
+        {"key.bit.size",
                 "key bit size"}, //-keysize
-        {"keystore name",
+        {"keystore.name",
                 "keystore name"}, //-keystore
-        {"new password",
+        {"new.password",
                 "new password"}, //-new
-        {"do not prompt",
+        {"do.not.prompt",
                 "do not prompt"}, //-noprompt
-        {"password through protected mechanism",
+        {"password.through.protected.mechanism",
                 "password through protected mechanism"}, //-protected
-        {"provider argument",
+        {"provider.argument",
                 "provider argument"}, //-providerarg
-        {"provider class name",
+        {"provider.class.name",
                 "provider class name"}, //-providerclass
-        {"provider name",
+        {"provider.name",
                 "provider name"}, //-providername
-        {"provider classpath",
+        {"provider.classpath",
                 "provider classpath"}, //-providerpath
-        {"output in RFC style",
+        {"output.in.RFC.style",
                 "output in RFC style"}, //-rfc
-        {"signature algorithm name",
+        {"signature.algorithm.name",
                 "signature algorithm name"}, //-sigalg
-        {"source alias",
+        {"source.alias",
                 "source alias"}, //-srcalias
-        {"source key password",
+        {"source.key.password",
                 "source key password"}, //-srckeypass
-        {"source keystore name",
+        {"source.keystore.name",
                 "source keystore name"}, //-srckeystore
-        {"source keystore password protected",
+        {"source.keystore.password.protected",
                 "source keystore password protected"}, //-srcprotected
-        {"source keystore provider name",
+        {"source.keystore.provider.name",
                 "source keystore provider name"}, //-srcprovidername
-        {"source keystore password",
+        {"source.keystore.password",
                 "source keystore password"}, //-srcstorepass
-        {"source keystore type",
+        {"source.keystore.type",
                 "source keystore type"}, //-srcstoretype
-        {"SSL server host and port",
+        {"SSL.server.host.and.port",
                 "SSL server host and port"}, //-sslserver
-        {"signed jar file",
+        {"signed.jar.file",
                 "signed jar file"}, //=jarfile
-        {"certificate validity start date/time",
+        {"certificate.validity.start.date.time",
                 "certificate validity start date/time"}, //-startdate
-        {"keystore password",
+        {"keystore.password",
                 "keystore password"}, //-storepass
-        {"keystore type",
+        {"keystore.type",
                 "keystore type"}, //-storetype
-        {"trust certificates from cacerts",
+        {"trust.certificates.from.cacerts",
                 "trust certificates from cacerts"}, //-trustcacerts
-        {"verbose output",
+        {"verbose.output",
                 "verbose output"}, //-v
-        {"validity number of days",
+        {"validity.number.of.days",
                 "validity number of days"}, //-validity
-        {"Serial ID of cert to revoke",
+        {"Serial.ID.of.cert.to.revoke",
                  "Serial ID of cert to revoke"}, //-id
         // keytool: Running part
-        {"keytool error: ", "keytool error: "},
-        {"Illegal option:  ", "Illegal option:  "},
-        {"Illegal value: ", "Illegal value: "},
-        {"Unknown password type: ", "Unknown password type: "},
-        {"Cannot find environment variable: ",
+        {"keytool.error.", "keytool error: "},
+        {"Illegal.option.", "Illegal option:  "},
+        {"Illegal.value.", "Illegal value: "},
+        {"Unknown.password.type.", "Unknown password type: "},
+        {"Cannot.find.environment.variable.",
                 "Cannot find environment variable: "},
-        {"Cannot find file: ", "Cannot find file: "},
-        {"Command option <flag> needs an argument.", "Command option {0} needs an argument."},
-        {"Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified <command> value.",
+        {"Cannot.find.file.", "Cannot find file: "},
+        {"Command.option.flag.needs.an.argument.", "Command option {0} needs an argument."},
+        {"Warning.Different.store.and.key.passwords.not.supported.for.PKCS12.KeyStores.Ignoring.user.specified.command.value.",
                 "Warning:  Different store and key passwords not supported for PKCS12 KeyStores. Ignoring user-specified {0} value."},
-        {"-keystore must be NONE if -storetype is {0}",
+        {".keystore.must.be.NONE.if.storetype.is.{0}",
                 "-keystore must be NONE if -storetype is {0}"},
-        {"Too many retries, program terminated",
+        {"Too.many.retries.program.terminated",
                  "Too many retries, program terminated"},
-        {"-storepasswd and -keypasswd commands not supported if -storetype is {0}",
+        {".storepasswd.and.keypasswd.commands.not.supported.if.storetype.is.{0}",
                 "-storepasswd and -keypasswd commands not supported if -storetype is {0}"},
-        {"-keypasswd commands not supported if -storetype is PKCS12",
+        {".keypasswd.commands.not.supported.if.storetype.is.PKCS12",
                 "-keypasswd commands not supported if -storetype is PKCS12"},
-        {"-keypass and -new can not be specified if -storetype is {0}",
+        {".keypass.and.new.can.not.be.specified.if.storetype.is.{0}",
                 "-keypass and -new can not be specified if -storetype is {0}"},
-        {"if -protected is specified, then -storepass, -keypass, and -new must not be specified",
+        {"if.protected.is.specified.then.storepass.keypass.and.new.must.not.be.specified",
                 "if -protected is specified, then -storepass, -keypass, and -new must not be specified"},
-        {"if -srcprotected is specified, then -srcstorepass and -srckeypass must not be specified",
+        {"if.srcprotected.is.specified.then.srcstorepass.and.srckeypass.must.not.be.specified",
                 "if -srcprotected is specified, then -srcstorepass and -srckeypass must not be specified"},
-        {"if keystore is not password protected, then -storepass, -keypass, and -new must not be specified",
+        {"if.keystore.is.not.password.protected.then.storepass.keypass.and.new.must.not.be.specified",
                 "if keystore is not password protected, then -storepass, -keypass, and -new must not be specified"},
-        {"if source keystore is not password protected, then -srcstorepass and -srckeypass must not be specified",
+        {"if.source.keystore.is.not.password.protected.then.srcstorepass.and.srckeypass.must.not.be.specified",
                 "if source keystore is not password protected, then -srcstorepass and -srckeypass must not be specified"},
-        {"Illegal startdate value", "Illegal startdate value"},
-        {"Validity must be greater than zero",
+        {"Illegal.startdate.value", "Illegal startdate value"},
+        {"Validity.must.be.greater.than.zero",
                 "Validity must be greater than zero"},
-        {"provName not a provider", "{0} not a provider"},
-        {"Usage error: no command provided", "Usage error: no command provided"},
-        {"Source keystore file exists, but is empty: ", "Source keystore file exists, but is empty: "},
-        {"Please specify -srckeystore", "Please specify -srckeystore"},
-        {"Must not specify both -v and -rfc with 'list' command",
+        {"provName.not.a.provider", "{0} not a provider"},
+        {"Usage.error.no.command.provided", "Usage error: no command provided"},
+        {"Source.keystore.file.exists.but.is.empty.", "Source keystore file exists, but is empty: "},
+        {"Please.specify.srckeystore", "Please specify -srckeystore"},
+        {"Must.not.specify.both.v.and.rfc.with.list.command",
                 "Must not specify both -v and -rfc with 'list' command"},
-        {"Key password must be at least 6 characters",
+        {"Key.password.must.be.at.least.6.characters",
                 "Key password must be at least 6 characters"},
-        {"New password must be at least 6 characters",
+        {"New.password.must.be.at.least.6.characters",
                 "New password must be at least 6 characters"},
-        {"Keystore file exists, but is empty: ",
+        {"Keystore.file.exists.but.is.empty.",
                 "Keystore file exists, but is empty: "},
-        {"Keystore file does not exist: ",
+        {"Keystore.file.does.not.exist.",
                 "Keystore file does not exist: "},
-        {"Must specify destination alias", "Must specify destination alias"},
-        {"Must specify alias", "Must specify alias"},
-        {"Keystore password must be at least 6 characters",
+        {"Must.specify.destination.alias", "Must specify destination alias"},
+        {"Must.specify.alias", "Must specify alias"},
+        {"Keystore.password.must.be.at.least.6.characters",
                 "Keystore password must be at least 6 characters"},
-        {"Enter keystore password:  ", "Enter keystore password:  "},
-        {"Enter source keystore password:  ", "Enter source keystore password:  "},
-        {"Enter destination keystore password:  ", "Enter destination keystore password:  "},
-        {"Keystore password is too short - must be at least 6 characters",
+        {"Enter.keystore.password.", "Enter keystore password:  "},
+        {"Enter.source.keystore.password.", "Enter source keystore password:  "},
+        {"Enter.destination.keystore.password.", "Enter destination keystore password:  "},
+        {"Keystore.password.is.too.short.must.be.at.least.6.characters",
          "Keystore password is too short - must be at least 6 characters"},
-        {"Unknown Entry Type", "Unknown Entry Type"},
-        {"Too many failures. Alias not changed", "Too many failures. Alias not changed"},
-        {"Entry for alias <alias> successfully imported.",
+        {"Unknown.Entry.Type", "Unknown Entry Type"},
+        {"Too.many.failures.Alias.not.changed", "Too many failures. Alias not changed"},
+        {"Entry.for.alias.alias.successfully.imported.",
                  "Entry for alias {0} successfully imported."},
-        {"Entry for alias <alias> not imported.", "Entry for alias {0} not imported."},
-        {"Problem importing entry for alias <alias>: <exception>.\nEntry for alias <alias> not imported.",
+        {"Entry.for.alias.alias.not.imported.", "Entry for alias {0} not imported."},
+        {"Problem.importing.entry.for.alias.alias.exception.Entry.for.alias.alias.not.imported.",
                  "Problem importing entry for alias {0}: {1}.\nEntry for alias {0} not imported."},
-        {"Import command completed:  <ok> entries successfully imported, <fail> entries failed or cancelled",
+        {"Import.command.completed.ok.entries.successfully.imported.fail.entries.failed.or.cancelled",
                  "Import command completed:  {0} entries successfully imported, {1} entries failed or cancelled"},
-        {"Warning: Overwriting existing alias <alias> in destination keystore",
+        {"Warning.Overwriting.existing.alias.alias.in.destination.keystore",
                  "Warning: Overwriting existing alias {0} in destination keystore"},
-        {"Existing entry alias <alias> exists, overwrite? [no]:  ",
+        {"Existing.entry.alias.alias.exists.overwrite.no.",
                  "Existing entry alias {0} exists, overwrite? [no]:  "},
-        {"Too many failures - try later", "Too many failures - try later"},
-        {"Certification request stored in file <filename>",
+        {"Too.many.failures.try.later", "Too many failures - try later"},
+        {"Certification.request.stored.in.file.filename.",
                 "Certification request stored in file <{0}>"},
-        {"Submit this to your CA", "Submit this to your CA"},
-        {"if alias not specified, destalias, srckeypass, and destkeypass must not be specified",
+        {"Submit.this.to.your.CA", "Submit this to your CA"},
+        {"if.alias.not.specified.destalias.srckeypass.and.destkeypass.must.not.be.specified",
             "if alias not specified, destalias, srckeypass, and destkeypass must not be specified"},
-        {"Certificate stored in file <filename>",
+        {"Certificate.stored.in.file.filename.",
                 "Certificate stored in file <{0}>"},
-        {"Certificate reply was installed in keystore",
+        {"Certificate.reply.was.installed.in.keystore",
                 "Certificate reply was installed in keystore"},
-        {"Certificate reply was not installed in keystore",
+        {"Certificate.reply.was.not.installed.in.keystore",
                 "Certificate reply was not installed in keystore"},
-        {"Certificate was added to keystore",
+        {"Certificate.was.added.to.keystore",
                 "Certificate was added to keystore"},
-        {"Certificate was not added to keystore",
+        {"Certificate.was.not.added.to.keystore",
                 "Certificate was not added to keystore"},
-        {"[Storing ksfname]", "[Storing {0}]"},
-        {"alias has no public key (certificate)",
+        {".Storing.ksfname.", "[Storing {0}]"},
+        {"alias.has.no.public.key.certificate.",
                 "{0} has no public key (certificate)"},
-        {"Cannot derive signature algorithm",
+        {"Cannot.derive.signature.algorithm",
                 "Cannot derive signature algorithm"},
-        {"Alias <alias> does not exist",
+        {"Alias.alias.does.not.exist",
                 "Alias <{0}> does not exist"},
-        {"Alias <alias> has no certificate",
+        {"Alias.alias.has.no.certificate",
                 "Alias <{0}> has no certificate"},
-        {"Key pair not generated, alias <alias> already exists",
+        {"Key.pair.not.generated.alias.alias.already.exists",
                 "Key pair not generated, alias <{0}> already exists"},
-        {"Generating keysize bit keyAlgName key pair and self-signed certificate (sigAlgName) with a validity of validality days\n\tfor: x500Name",
+        {"Generating.keysize.bit.keyAlgName.key.pair.and.self.signed.certificate.sigAlgName.with.a.validity.of.validality.days.for",
                 "Generating {0} bit {1} key pair and self-signed certificate ({2}) with a validity of {3} days\n\tfor: {4}"},
-        {"Enter key password for <alias>", "Enter key password for <{0}>"},
-        {"\t(RETURN if same as keystore password):  ",
+        {"Enter.key.password.for.alias.", "Enter key password for <{0}>"},
+        {".RETURN.if.same.as.keystore.password.",
                 "\t(RETURN if same as keystore password):  "},
-        {"Key password is too short - must be at least 6 characters",
+        {"Key.password.is.too.short.must.be.at.least.6.characters",
                 "Key password is too short - must be at least 6 characters"},
-        {"Too many failures - key not added to keystore",
+        {"Too.many.failures.key.not.added.to.keystore",
                 "Too many failures - key not added to keystore"},
-        {"Destination alias <dest> already exists",
+        {"Destination.alias.dest.already.exists",
                 "Destination alias <{0}> already exists"},
-        {"Password is too short - must be at least 6 characters",
+        {"Password.is.too.short.must.be.at.least.6.characters",
                 "Password is too short - must be at least 6 characters"},
-        {"Too many failures. Key entry not cloned",
+        {"Too.many.failures.Key.entry.not.cloned",
                 "Too many failures. Key entry not cloned"},
-        {"key password for <alias>", "key password for <{0}>"},
-        {"Keystore entry for <id.getName()> already exists",
+        {"key.password.for.alias.", "key password for <{0}>"},
+        {"Keystore.entry.for.id.getName.already.exists",
                 "Keystore entry for <{0}> already exists"},
-        {"Creating keystore entry for <id.getName()> ...",
+        {"Creating.keystore.entry.for.id.getName.",
                 "Creating keystore entry for <{0}> ..."},
-        {"No entries from identity database added",
+        {"No.entries.from.identity.database.added",
                 "No entries from identity database added"},
-        {"Alias name: alias", "Alias name: {0}"},
-        {"Creation date: keyStore.getCreationDate(alias)",
+        {"Alias.name.alias", "Alias name: {0}"},
+        {"Creation.date.keyStore.getCreationDate.alias.",
                 "Creation date: {0,date}"},
-        {"alias, keyStore.getCreationDate(alias), ",
+        {"alias.keyStore.getCreationDate.alias.",
                 "{0}, {1,date}, "},
-        {"alias, ", "{0}, "},
-        {"Entry type: <type>", "Entry type: {0}"},
-        {"Certificate chain length: ", "Certificate chain length: "},
-        {"Certificate[(i + 1)]:", "Certificate[{0,number,integer}]:"},
-        {"Certificate fingerprint (SHA1): ", "Certificate fingerprint (SHA1): "},
-        {"Entry type: trustedCertEntry\n", "Entry type: trustedCertEntry\n"},
-        {"trustedCertEntry,", "trustedCertEntry,"},
-        {"Keystore type: ", "Keystore type: "},
-        {"Keystore provider: ", "Keystore provider: "},
-        {"Your keystore contains keyStore.size() entry",
+        {"alias.", "{0}, "},
+        {"Entry.type.type.", "Entry type: {0}"},
+        {"Certificate.chain.length.", "Certificate chain length: "},
+        {"Certificate.i.1.", "Certificate[{0,number,integer}]:"},
+        {"Certificate.fingerprint.SHA1.", "Certificate fingerprint (SHA1): "},
+        {"Entry.type.trustedCertEntry.", "Entry type: trustedCertEntry\n"},
+        {"trustedCertEntry.", "trustedCertEntry,"},
+        {"Keystore.type.", "Keystore type: "},
+        {"Keystore.provider.", "Keystore provider: "},
+        {"Your.keystore.contains.keyStore.size.entry",
                 "Your keystore contains {0,number,integer} entry"},
-        {"Your keystore contains keyStore.size() entries",
+        {"Your.keystore.contains.keyStore.size.entries",
                 "Your keystore contains {0,number,integer} entries"},
-        {"Failed to parse input", "Failed to parse input"},
-        {"Empty input", "Empty input"},
-        {"Not X.509 certificate", "Not X.509 certificate"},
-        {"alias has no public key", "{0} has no public key"},
-        {"alias has no X.509 certificate", "{0} has no X.509 certificate"},
-        {"New certificate (self-signed):", "New certificate (self-signed):"},
-        {"Reply has no certificates", "Reply has no certificates"},
-        {"Certificate not imported, alias <alias> already exists",
+        {"Failed.to.parse.input", "Failed to parse input"},
+        {"Empty.input", "Empty input"},
+        {"Not.X.509.certificate", "Not X.509 certificate"},
+        {"alias.has.no.public.key", "{0} has no public key"},
+        {"alias.has.no.X.509.certificate", "{0} has no X.509 certificate"},
+        {"New.certificate.self.signed.", "New certificate (self-signed):"},
+        {"Reply.has.no.certificates", "Reply has no certificates"},
+        {"Certificate.not.imported.alias.alias.already.exists",
                 "Certificate not imported, alias <{0}> already exists"},
-        {"Input not an X.509 certificate", "Input not an X.509 certificate"},
-        {"Certificate already exists in keystore under alias <trustalias>",
+        {"Input.not.an.X.509.certificate", "Input not an X.509 certificate"},
+        {"Certificate.already.exists.in.keystore.under.alias.trustalias.",
                 "Certificate already exists in keystore under alias <{0}>"},
-        {"Do you still want to add it? [no]:  ",
+        {"Do.you.still.want.to.add.it.no.",
                 "Do you still want to add it? [no]:  "},
-        {"Certificate already exists in system-wide CA keystore under alias <trustalias>",
+        {"Certificate.already.exists.in.system.wide.CA.keystore.under.alias.trustalias.",
                 "Certificate already exists in system-wide CA keystore under alias <{0}>"},
-        {"Do you still want to add it to your own keystore? [no]:  ",
+        {"Do.you.still.want.to.add.it.to.your.own.keystore.no.",
                 "Do you still want to add it to your own keystore? [no]:  "},
-        {"Trust this certificate? [no]:  ", "Trust this certificate? [no]:  "},
+        {"Trust.this.certificate.no.", "Trust this certificate? [no]:  "},
         {"YES", "YES"},
-        {"New prompt: ", "New {0}: "},
-        {"Passwords must differ", "Passwords must differ"},
-        {"Re-enter new prompt: ", "Re-enter new {0}: "},
-        {"Re-enter new password: ", "Re-enter new password: "},
-        {"They don't match. Try again", "They don't match. Try again"},
-        {"Enter prompt alias name:  ", "Enter {0} alias name:  "},
-        {"Enter new alias name\t(RETURN to cancel import for this entry):  ",
+        {"New.prompt.", "New {0}: "},
+        {"Passwords.must.differ", "Passwords must differ"},
+        {"Re.enter.new.prompt.", "Re-enter new {0}: "},
+        {"Re.enter.new.password.", "Re-enter new password: "},
+        {"They.don.t.match.Try.again", "They don't match. Try again"},
+        {"Enter.prompt.alias.name.", "Enter {0} alias name:  "},
+        {"Enter.new.alias.name.RETURN.to.cancel.import.for.this.entry.",
                  "Enter new alias name\t(RETURN to cancel import for this entry):  "},
-        {"Enter alias name:  ", "Enter alias name:  "},
-        {"\t(RETURN if same as for <otherAlias>)",
+        {"Enter.alias.name.", "Enter alias name:  "},
+        {".RETURN.if.same.as.for.otherAlias.",
                 "\t(RETURN if same as for <{0}>)"},
-        {"*PATTERN* printX509Cert",
+        {".PATTERN.printX509Cert",
                 "Owner: {0}\nIssuer: {1}\nSerial number: {2}\nValid from: {3} until: {4}\nCertificate fingerprints:\n\t MD5:  {5}\n\t SHA1: {6}\n\t SHA256: {7}\n\t Signature algorithm name: {8}\n\t Version: {9}"},
-        {"What is your first and last name?",
+        {"What.is.your.first.and.last.name.",
                 "What is your first and last name?"},
-        {"What is the name of your organizational unit?",
+        {"What.is.the.name.of.your.organizational.unit.",
                 "What is the name of your organizational unit?"},
-        {"What is the name of your organization?",
+        {"What.is.the.name.of.your.organization.",
                 "What is the name of your organization?"},
-        {"What is the name of your City or Locality?",
+        {"What.is.the.name.of.your.City.or.Locality.",
                 "What is the name of your City or Locality?"},
-        {"What is the name of your State or Province?",
+        {"What.is.the.name.of.your.State.or.Province.",
                 "What is the name of your State or Province?"},
-        {"What is the two-letter country code for this unit?",
+        {"What.is.the.two.letter.country.code.for.this.unit.",
                 "What is the two-letter country code for this unit?"},
-        {"Is <name> correct?", "Is {0} correct?"},
+        {"Is.name.correct.", "Is {0} correct?"},
         {"no", "no"},
         {"yes", "yes"},
         {"y", "y"},
-        {"  [defaultValue]:  ", "  [{0}]:  "},
-        {"Alias <alias> has no key",
+        {".defaultValue.", "  [{0}]:  "},
+        {"Alias.alias.has.no.key",
                 "Alias <{0}> has no key"},
-        {"Alias <alias> references an entry type that is not a private key entry.  The -keyclone command only supports cloning of private key entries",
+        {"Alias.alias.references.an.entry.type.that.is.not.a.private.key.entry.The.keyclone.command.only.supports.cloning.of.private.key",
                  "Alias <{0}> references an entry type that is not a private key entry.  The -keyclone command only supports cloning of private key entries"},
 
-        {"*****************  WARNING WARNING WARNING  *****************",
+        {".WARNING.WARNING.WARNING.",
             "*****************  WARNING WARNING WARNING  *****************"},
-        {"Signer #%d:", "Signer #%d:"},
-        {"Timestamp:", "Timestamp:"},
-        {"Signature:", "Signature:"},
-        {"CRLs:", "CRLs:"},
-        {"Certificate owner: ", "Certificate owner: "},
-        {"Not a signed jar file", "Not a signed jar file"},
-        {"No certificate from the SSL server",
+        {"Signer.d.", "Signer #%d:"},
+        {"Timestamp.", "Timestamp:"},
+        {"Signature.", "Signature:"},
+        {"CRLs.", "CRLs:"},
+        {"Certificate.owner.", "Certificate owner: "},
+        {"Not.a.signed.jar.file", "Not a signed jar file"},
+        {"No.certificate.from.the.SSL.server",
                 "No certificate from the SSL server"},
 
         // Translators of the following 5 pairs, ATTENTION:
         // the next 5 string pairs are meant to be combined into 2 paragraphs,
         // 1+3+4 and 2+3+5. make sure your translation also does.
-        {"* The integrity of the information stored in your keystore  *",
+        {".The.integrity.of.the.information.stored.in.your.keystore.",
             "* The integrity of the information stored in your keystore  *"},
-        {"* The integrity of the information stored in the srckeystore*",
+        {".The.integrity.of.the.information.stored.in.the.srckeystore.",
             "* The integrity of the information stored in the srckeystore*"},
-        {"* has NOT been verified!  In order to verify its integrity, *",
+        {".has.NOT.been.verified.In.order.to.verify.its.integrity.",
             "* has NOT been verified!  In order to verify its integrity, *"},
-        {"* you must provide your keystore password.                  *",
+        {".you.must.provide.your.keystore.password.",
             "* you must provide your keystore password.                  *"},
-        {"* you must provide the srckeystore password.                *",
+        {".you.must.provide.the.srckeystore.password.",
             "* you must provide the srckeystore password.                *"},
 
 
-        {"Certificate reply does not contain public key for <alias>",
+        {"Certificate.reply.does.not.contain.public.key.for.alias.",
                 "Certificate reply does not contain public key for <{0}>"},
-        {"Incomplete certificate chain in reply",
+        {"Incomplete.certificate.chain.in.reply",
                 "Incomplete certificate chain in reply"},
-        {"Certificate chain in reply does not verify: ",
+        {"Certificate.chain.in.reply.does.not.verify.",
                 "Certificate chain in reply does not verify: "},
-        {"Top-level certificate in reply:\n",
+        {"Top.level.certificate.in.reply.",
                 "Top-level certificate in reply:\n"},
-        {"... is not trusted. ", "... is not trusted. "},
-        {"Install reply anyway? [no]:  ", "Install reply anyway? [no]:  "},
+        {".is.not.trusted.", "... is not trusted. "},
+        {"Install.reply.anyway.no.", "Install reply anyway? [no]:  "},
         {"NO", "NO"},
-        {"Public keys in reply and keystore don't match",
+        {"Public.keys.in.reply.and.keystore.don.t.match",
                 "Public keys in reply and keystore don't match"},
-        {"Certificate reply and certificate in keystore are identical",
+        {"Certificate.reply.and.certificate.in.keystore.are.identical",
                 "Certificate reply and certificate in keystore are identical"},
-        {"Failed to establish chain from reply",
+        {"Failed.to.establish.chain.from.reply",
                 "Failed to establish chain from reply"},
         {"n", "n"},
-        {"Wrong answer, try again", "Wrong answer, try again"},
-        {"Secret key not generated, alias <alias> already exists",
+        {"Wrong.answer.try.again", "Wrong answer, try again"},
+        {"Secret.key.not.generated.alias.alias.already.exists",
                 "Secret Key not generated, alias <{0}> already exists"},
-        {"Please provide -keysize for secret key generation",
+        {"Please.provide.keysize.for.secret.key.generation",
                 "Please provide -keysize for secret key generation"},
 
-        {"Extensions: ", "Extensions: "},
-        {"(Empty value)", "(Empty value)"},
-        {"Extension Request:", "Extension Request:"},
-        {"PKCS #10 Certificate Request (Version 1.0)\n" +
-                "Subject: %s\nPublic Key: %s format %s key\n",
+        {"Extensions.", "Extensions: "},
+        {".Empty.value.", "(Empty value)"},
+        {"Extension.Request.", "Extension Request:"},
+        {"PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key.",
                 "PKCS #10 Certificate Request (Version 1.0)\n" +
                 "Subject: %s\nPublic Key: %s format %s key\n"},
-        {"Unknown keyUsage type: ", "Unknown keyUsage type: "},
-        {"Unknown extendedkeyUsage type: ", "Unknown extendedkeyUsage type: "},
-        {"Unknown AccessDescription type: ", "Unknown AccessDescription type: "},
-        {"Unrecognized GeneralName type: ", "Unrecognized GeneralName type: "},
-        {"This extension cannot be marked as critical. ",
+        {"Unknown.keyUsage.type.", "Unknown keyUsage type: "},
+        {"Unknown.extendedkeyUsage.type.", "Unknown extendedkeyUsage type: "},
+        {"Unknown.AccessDescription.type.", "Unknown AccessDescription type: "},
+        {"Unrecognized.GeneralName.type.", "Unrecognized GeneralName type: "},
+        {"This.extension.cannot.be.marked.as.critical.",
                  "This extension cannot be marked as critical. "},
-        {"Odd number of hex digits found: ", "Odd number of hex digits found: "},
-        {"Unknown extension type: ", "Unknown extension type: "},
-        {"command {0} is ambiguous:", "command {0} is ambiguous:"},
+        {"Odd.number.of.hex.digits.found.", "Odd number of hex digits found: "},
+        {"Unknown.extension.type.", "Unknown extension type: "},
+        {"command.{0}.is.ambiguous.", "command {0} is ambiguous:"},
 
         // policytool
-        {"Warning: A public key for alias 'signers[i]' does not exist.  Make sure a KeyStore is properly configured.",
+        {"Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.",
                 "Warning: A public key for alias {0} does not exist.  Make sure a KeyStore is properly configured."},
-        {"Warning: Class not found: class", "Warning: Class not found: {0}"},
-        {"Warning: Invalid argument(s) for constructor: arg",
+        {"Warning.Class.not.found.class", "Warning: Class not found: {0}"},
+        {"Warning.Invalid.argument.s.for.constructor.arg",
                 "Warning: Invalid argument(s) for constructor: {0}"},
-        {"Illegal Principal Type: type", "Illegal Principal Type: {0}"},
-        {"Illegal option: option", "Illegal option: {0}"},
-        {"Usage: policytool [options]", "Usage: policytool [options]"},
-        {"  [-file <file>]    policy file location",
+        {"Illegal.Principal.Type.type", "Illegal Principal Type: {0}"},
+        {"Illegal.option.option", "Illegal option: {0}"},
+        {"Usage.policytool.options.", "Usage: policytool [options]"},
+        {".file.file.policy.file.location",
                 "  [-file <file>]    policy file location"},
         {"New", "New"},
         {"Open", "Open"},
         {"Save", "Save"},
-        {"Save As", "Save As"},
-        {"View Warning Log", "View Warning Log"},
+        {"Save.As", "Save As"},
+        {"View.Warning.Log", "View Warning Log"},
         {"Exit", "Exit"},
-        {"Add Policy Entry", "Add Policy Entry"},
-        {"Edit Policy Entry", "Edit Policy Entry"},
-        {"Remove Policy Entry", "Remove Policy Entry"},
+        {"Add.Policy.Entry", "Add Policy Entry"},
+        {"Edit.Policy.Entry", "Edit Policy Entry"},
+        {"Remove.Policy.Entry", "Remove Policy Entry"},
         {"Edit", "Edit"},
         {"Retain", "Retain"},
 
-        {"Warning: File name may include escaped backslash characters. " +
-                        "It is not necessary to escape backslash characters " +
-                        "(the tool escapes characters as necessary when writing " +
-                        "the policy contents to the persistent store).\n\n" +
-                        "Click on Retain to retain the entered name, or click on " +
-                        "Edit to edit the name.",
+        {"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes",
             "Warning: File name may include escaped backslash characters. " +
                         "It is not necessary to escape backslash characters " +
                         "(the tool escapes characters as necessary when writing " +
@@ -470,203 +464,203 @@
                         "Click on Retain to retain the entered name, or click on " +
                         "Edit to edit the name."},
 
-        {"Add Public Key Alias", "Add Public Key Alias"},
-        {"Remove Public Key Alias", "Remove Public Key Alias"},
+        {"Add.Public.Key.Alias", "Add Public Key Alias"},
+        {"Remove.Public.Key.Alias", "Remove Public Key Alias"},
         {"File", "File"},
         {"KeyStore", "KeyStore"},
-        {"Policy File:", "Policy File:"},
-        {"Could not open policy file: policyFile: e.toString()",
+        {"Policy.File.", "Policy File:"},
+        {"Could.not.open.policy.file.policyFile.e.toString.",
                 "Could not open policy file: {0}: {1}"},
-        {"Policy Tool", "Policy Tool"},
-        {"Errors have occurred while opening the policy configuration.  View the Warning Log for more information.",
+        {"Policy.Tool", "Policy Tool"},
+        {"Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.",
                 "Errors have occurred while opening the policy configuration.  View the Warning Log for more information."},
         {"Error", "Error"},
         {"OK", "OK"},
         {"Status", "Status"},
         {"Warning", "Warning"},
-        {"Permission:                                                       ",
+        {"Permission.",
                 "Permission:                                                       "},
-        {"Principal Type:", "Principal Type:"},
-        {"Principal Name:", "Principal Name:"},
-        {"Target Name:                                                    ",
+        {"Principal.Type.", "Principal Type:"},
+        {"Principal.Name.", "Principal Name:"},
+        {"Target.Name.",
                 "Target Name:                                                    "},
-        {"Actions:                                                             ",
+        {"Actions.",
                 "Actions:                                                             "},
-        {"OK to overwrite existing file filename?",
+        {"OK.to.overwrite.existing.file.filename.",
                 "OK to overwrite existing file {0}?"},
         {"Cancel", "Cancel"},
-        {"CodeBase:", "CodeBase:"},
-        {"SignedBy:", "SignedBy:"},
-        {"Add Principal", "Add Principal"},
-        {"Edit Principal", "Edit Principal"},
-        {"Remove Principal", "Remove Principal"},
-        {"Principals:", "Principals:"},
-        {"  Add Permission", "  Add Permission"},
-        {"  Edit Permission", "  Edit Permission"},
-        {"Remove Permission", "Remove Permission"},
+        {"CodeBase.", "CodeBase:"},
+        {"SignedBy.", "SignedBy:"},
+        {"Add.Principal", "Add Principal"},
+        {"Edit.Principal", "Edit Principal"},
+        {"Remove.Principal", "Remove Principal"},
+        {"Principals.", "Principals:"},
+        {".Add.Permission", "  Add Permission"},
+        {".Edit.Permission", "  Edit Permission"},
+        {"Remove.Permission", "Remove Permission"},
         {"Done", "Done"},
-        {"KeyStore URL:", "KeyStore URL:"},
-        {"KeyStore Type:", "KeyStore Type:"},
-        {"KeyStore Provider:", "KeyStore Provider:"},
-        {"KeyStore Password URL:", "KeyStore Password URL:"},
+        {"KeyStore.URL.", "KeyStore URL:"},
+        {"KeyStore.Type.", "KeyStore Type:"},
+        {"KeyStore.Provider.", "KeyStore Provider:"},
+        {"KeyStore.Password.URL.", "KeyStore Password URL:"},
         {"Principals", "Principals"},
-        {"  Edit Principal:", "  Edit Principal:"},
-        {"  Add New Principal:", "  Add New Principal:"},
+        {".Edit.Principal.", "  Edit Principal:"},
+        {".Add.New.Principal.", "  Add New Principal:"},
         {"Permissions", "Permissions"},
-        {"  Edit Permission:", "  Edit Permission:"},
-        {"  Add New Permission:", "  Add New Permission:"},
-        {"Signed By:", "Signed By:"},
-        {"Cannot Specify Principal with a Wildcard Class without a Wildcard Name",
+        {".Edit.Permission.", "  Edit Permission:"},
+        {".Add.New.Permission.", "  Add New Permission:"},
+        {"Signed.By.", "Signed By:"},
+        {"Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name",
             "Cannot Specify Principal with a Wildcard Class without a Wildcard Name"},
-        {"Cannot Specify Principal without a Name",
+        {"Cannot.Specify.Principal.without.a.Name",
             "Cannot Specify Principal without a Name"},
-        {"Permission and Target Name must have a value",
+        {"Permission.and.Target.Name.must.have.a.value",
                 "Permission and Target Name must have a value"},
-        {"Remove this Policy Entry?", "Remove this Policy Entry?"},
-        {"Overwrite File", "Overwrite File"},
-        {"Policy successfully written to filename",
+        {"Remove.this.Policy.Entry.", "Remove this Policy Entry?"},
+        {"Overwrite.File", "Overwrite File"},
+        {"Policy.successfully.written.to.filename",
                 "Policy successfully written to {0}"},
-        {"null filename", "null filename"},
-        {"Save changes?", "Save changes?"},
+        {"null.filename", "null filename"},
+        {"Save.changes.", "Save changes?"},
         {"Yes", "Yes"},
         {"No", "No"},
-        {"Policy Entry", "Policy Entry"},
-        {"Save Changes", "Save Changes"},
-        {"No Policy Entry selected", "No Policy Entry selected"},
-        {"Unable to open KeyStore: ex.toString()",
+        {"Policy.Entry", "Policy Entry"},
+        {"Save.Changes", "Save Changes"},
+        {"No.Policy.Entry.selected", "No Policy Entry selected"},
+        {"Unable.to.open.KeyStore.ex.toString.",
                 "Unable to open KeyStore: {0}"},
-        {"No principal selected", "No principal selected"},
-        {"No permission selected", "No permission selected"},
+        {"No.principal.selected", "No principal selected"},
+        {"No.permission.selected", "No permission selected"},
         {"name", "name"},
-        {"configuration type", "configuration type"},
-        {"environment variable name", "environment variable name"},
-        {"library name", "library name"},
-        {"package name", "package name"},
-        {"policy type", "policy type"},
-        {"property name", "property name"},
-        {"Principal List", "Principal List"},
-        {"Permission List", "Permission List"},
-        {"Code Base", "Code Base"},
-        {"KeyStore U R L:", "KeyStore U R L:"},
-        {"KeyStore Password U R L:", "KeyStore Password U R L:"},
+        {"configuration.type", "configuration type"},
+        {"environment.variable.name", "environment variable name"},
+        {"library.name", "library name"},
+        {"package.name", "package name"},
+        {"policy.type", "policy type"},
+        {"property.name", "property name"},
+        {"Principal.List", "Principal List"},
+        {"Permission.List", "Permission List"},
+        {"Code.Base", "Code Base"},
+        {"KeyStore.U.R.L.", "KeyStore U R L:"},
+        {"KeyStore.Password.U.R.L.", "KeyStore Password U R L:"},
 
 
         // javax.security.auth.PrivateCredentialPermission
-        {"invalid null input(s)", "invalid null input(s)"},
-        {"actions can only be 'read'", "actions can only be 'read'"},
-        {"permission name [name] syntax invalid: ",
+        {"invalid.null.input.s.", "invalid null input(s)"},
+        {"actions.can.only.be.read.", "actions can only be 'read'"},
+        {"permission.name.name.syntax.invalid.",
                 "permission name [{0}] syntax invalid: "},
-        {"Credential Class not followed by a Principal Class and Name",
+        {"Credential.Class.not.followed.by.a.Principal.Class.and.Name",
                 "Credential Class not followed by a Principal Class and Name"},
-        {"Principal Class not followed by a Principal Name",
+        {"Principal.Class.not.followed.by.a.Principal.Name",
                 "Principal Class not followed by a Principal Name"},
-        {"Principal Name must be surrounded by quotes",
+        {"Principal.Name.must.be.surrounded.by.quotes",
                 "Principal Name must be surrounded by quotes"},
-        {"Principal Name missing end quote",
+        {"Principal.Name.missing.end.quote",
                 "Principal Name missing end quote"},
-        {"PrivateCredentialPermission Principal Class can not be a wildcard (*) value if Principal Name is not a wildcard (*) value",
+        {"PrivateCredentialPermission.Principal.Class.can.not.be.a.wildcard.value.if.Principal.Name.is.not.a.wildcard.value",
                 "PrivateCredentialPermission Principal Class can not be a wildcard (*) value if Principal Name is not a wildcard (*) value"},
-        {"CredOwner:\n\tPrincipal Class = class\n\tPrincipal Name = name",
+        {"CredOwner.Principal.Class.class.Principal.Name.name",
                 "CredOwner:\n\tPrincipal Class = {0}\n\tPrincipal Name = {1}"},
 
         // javax.security.auth.x500
-        {"provided null name", "provided null name"},
-        {"provided null keyword map", "provided null keyword map"},
-        {"provided null OID map", "provided null OID map"},
+        {"provided.null.name", "provided null name"},
+        {"provided.null.keyword.map", "provided null keyword map"},
+        {"provided.null.OID.map", "provided null OID map"},
 
         // javax.security.auth.Subject
-        {"invalid null AccessControlContext provided",
+        {"invalid.null.AccessControlContext.provided",
                 "invalid null AccessControlContext provided"},
-        {"invalid null action provided", "invalid null action provided"},
-        {"invalid null Class provided", "invalid null Class provided"},
-        {"Subject:\n", "Subject:\n"},
-        {"\tPrincipal: ", "\tPrincipal: "},
-        {"\tPublic Credential: ", "\tPublic Credential: "},
-        {"\tPrivate Credentials inaccessible\n",
+        {"invalid.null.action.provided", "invalid null action provided"},
+        {"invalid.null.Class.provided", "invalid null Class provided"},
+        {"Subject.", "Subject:\n"},
+        {".Principal.", "\tPrincipal: "},
+        {".Public.Credential.", "\tPublic Credential: "},
+        {".Private.Credentials.inaccessible.",
                 "\tPrivate Credentials inaccessible\n"},
-        {"\tPrivate Credential: ", "\tPrivate Credential: "},
-        {"\tPrivate Credential inaccessible\n",
+        {".Private.Credential.", "\tPrivate Credential: "},
+        {".Private.Credential.inaccessible.",
                 "\tPrivate Credential inaccessible\n"},
-        {"Subject is read-only", "Subject is read-only"},
-        {"attempting to add an object which is not an instance of java.security.Principal to a Subject's Principal Set",
+        {"Subject.is.read.only", "Subject is read-only"},
+        {"attempting.to.add.an.object.which.is.not.an.instance.of.java.security.Principal.to.a.Subject.s.Principal.Set",
                 "attempting to add an object which is not an instance of java.security.Principal to a Subject's Principal Set"},
-        {"attempting to add an object which is not an instance of class",
+        {"attempting.to.add.an.object.which.is.not.an.instance.of.class",
                 "attempting to add an object which is not an instance of {0}"},
 
         // javax.security.auth.login.AppConfigurationEntry
-        {"LoginModuleControlFlag: ", "LoginModuleControlFlag: "},
+        {"LoginModuleControlFlag.", "LoginModuleControlFlag: "},
 
         // javax.security.auth.login.LoginContext
-        {"Invalid null input: name", "Invalid null input: name"},
-        {"No LoginModules configured for name",
+        {"Invalid.null.input.name", "Invalid null input: name"},
+        {"No.LoginModules.configured.for.name",
          "No LoginModules configured for {0}"},
-        {"invalid null Subject provided", "invalid null Subject provided"},
-        {"invalid null CallbackHandler provided",
+        {"invalid.null.Subject.provided", "invalid null Subject provided"},
+        {"invalid.null.CallbackHandler.provided",
                 "invalid null CallbackHandler provided"},
-        {"null subject - logout called before login",
+        {"null.subject.logout.called.before.login",
                 "null subject - logout called before login"},
-        {"unable to instantiate LoginModule, module, because it does not provide a no-argument constructor",
+        {"unable.to.instantiate.LoginModule.module.because.it.does.not.provide.a.no.argument.constructor",
                 "unable to instantiate LoginModule, {0}, because it does not provide a no-argument constructor"},
-        {"unable to instantiate LoginModule",
+        {"unable.to.instantiate.LoginModule",
                 "unable to instantiate LoginModule"},
-        {"unable to instantiate LoginModule: ",
+        {"unable.to.instantiate.LoginModule.",
                 "unable to instantiate LoginModule: "},
-        {"unable to find LoginModule class: ",
+        {"unable.to.find.LoginModule.class.",
                 "unable to find LoginModule class: "},
-        {"unable to access LoginModule: ",
+        {"unable.to.access.LoginModule.",
                 "unable to access LoginModule: "},
-        {"Login Failure: all modules ignored",
+        {"Login.Failure.all.modules.ignored",
                 "Login Failure: all modules ignored"},
 
         // sun.security.provider.PolicyFile
 
-        {"java.security.policy: error parsing policy:\n\tmessage",
+        {"java.security.policy.error.parsing.policy.message",
                 "java.security.policy: error parsing {0}:\n\t{1}"},
-        {"java.security.policy: error adding Permission, perm:\n\tmessage",
+        {"java.security.policy.error.adding.Permission.perm.message",
                 "java.security.policy: error adding Permission, {0}:\n\t{1}"},
-        {"java.security.policy: error adding Entry:\n\tmessage",
+        {"java.security.policy.error.adding.Entry.message",
                 "java.security.policy: error adding Entry:\n\t{0}"},
-        {"alias name not provided (pe.name)", "alias name not provided ({0})"},
-        {"unable to perform substitution on alias, suffix",
+        {"alias.name.not.provided.pe.name.", "alias name not provided ({0})"},
+        {"unable.to.perform.substitution.on.alias.suffix",
                 "unable to perform substitution on alias, {0}"},
-        {"substitution value, prefix, unsupported",
+        {"substitution.value.prefix.unsupported",
                 "substitution value, {0}, unsupported"},
-        {"(", "("},
-        {")", ")"},
-        {"type can't be null","type can't be null"},
+        {"LPARAM", "("},
+        {"RPARAM", ")"},
+        {"type.can.t.be.null","type can't be null"},
 
         // sun.security.provider.PolicyParser
-        {"keystorePasswordURL can not be specified without also specifying keystore",
+        {"keystorePasswordURL.can.not.be.specified.without.also.specifying.keystore",
                 "keystorePasswordURL can not be specified without also specifying keystore"},
-        {"expected keystore type", "expected keystore type"},
-        {"expected keystore provider", "expected keystore provider"},
-        {"multiple Codebase expressions",
+        {"expected.keystore.type", "expected keystore type"},
+        {"expected.keystore.provider", "expected keystore provider"},
+        {"multiple.Codebase.expressions",
                 "multiple Codebase expressions"},
-        {"multiple SignedBy expressions","multiple SignedBy expressions"},
-        {"SignedBy has empty alias","SignedBy has empty alias"},
-        {"can not specify Principal with a wildcard class without a wildcard name",
+        {"multiple.SignedBy.expressions","multiple SignedBy expressions"},
+        {"SignedBy.has.empty.alias","SignedBy has empty alias"},
+        {"can.not.specify.Principal.with.a.wildcard.class.without.a.wildcard.name",
                 "can not specify Principal with a wildcard class without a wildcard name"},
-        {"expected codeBase or SignedBy or Principal",
+        {"expected.codeBase.or.SignedBy.or.Principal",
                 "expected codeBase or SignedBy or Principal"},
-        {"expected permission entry", "expected permission entry"},
-        {"number ", "number "},
-        {"expected [expect], read [end of file]",
+        {"expected.permission.entry", "expected permission entry"},
+        {"number.", "number "},
+        {"expected.expect.read.end.of.file.",
                 "expected [{0}], read [end of file]"},
-        {"expected [;], read [end of file]",
+        {"expected.read.end.of.file.",
                 "expected [;], read [end of file]"},
-        {"line number: msg", "line {0}: {1}"},
-        {"line number: expected [expect], found [actual]",
+        {"line.number.msg", "line {0}: {1}"},
+        {"line.number.expected.expect.found.actual.",
                 "line {0}: expected [{1}], found [{2}]"},
-        {"null principalClass or principalName",
+        {"null.principalClass.or.principalName",
                 "null principalClass or principalName"},
 
         // sun.security.pkcs11.SunPKCS11
-        {"PKCS11 Token [providerName] Password: ",
+        {"PKCS11.Token.providerName.Password.",
                 "PKCS11 Token [{0}] Password: "},
 
         /* --- DEPRECATED --- */
         // javax.security.auth.Policy
-        {"unable to instantiate Subject-based policy",
+        {"unable.to.instantiate.Subject.based.policy",
                 "unable to instantiate Subject-based policy"}
     };
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/util/Resources/NewNamesFormat.java	Thu Nov 11 15:51:12 2010 +0800
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 6987827
+ * @summary security/util/Resources.java needs improvement
+ */
+
+
+import java.lang.reflect.Method;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * This test makes sure that the keys in resources files are using the new
+ * format and there is no duplication.
+ */
+public class NewNamesFormat {
+    public static void main(String[] args) throws Exception {
+        checkRes("sun.security.util.Resources");
+        checkRes("sun.security.util.AuthResources");
+        checkRes("sun.security.tools.JarSignerResources");
+    }
+
+    private static void checkRes(String resName) throws Exception {
+        System.out.println("Checking " + resName + "...");
+        Class clazz = Class.forName(resName);
+        Method m = clazz.getMethod("getContents");
+        Object[][] contents = (Object[][])m.invoke(clazz.newInstance());
+        Set<String> keys = new HashSet<String>();
+        for (Object[] pair: contents) {
+            String key = (String)pair[0];
+            if (keys.contains(key)) {
+                System.out.println("Found dup: " + key);
+                throw new Exception();
+            }
+            checkKey(key);
+            keys.add(key);
+        }
+    }
+
+    private static void checkKey(String key) throws Exception {
+        for (char c: key.toCharArray()) {
+            if (Character.isLetter(c) || Character.isDigit(c) ||
+                    c == '{' || c == '}' || c == '.') {
+                // OK
+            } else {
+                System.out.println("Illegal char [" + c + "] in key: " + key);
+                throw new Exception();
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/util/Resources/NewResourcesNames.java	Thu Nov 11 15:51:12 2010 +0800
@@ -0,0 +1,439 @@
+/*
+ * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.ListResourceBundle;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * Prepares new key names for Resources.java.
+ * 6987827: security/util/Resources.java needs improvement
+ *
+ * Run inside jdk/src/share/classes:
+ *
+ *      java NewResourcesNames $(
+ *          for a in $(find com/sun/security sun/security javax/security -type f); do
+ *              egrep -q '(ResourcesMgr.getString|rb.getString)' $a && echo $a
+ *          done)
+ *
+ * Before running this tool, run the following two commands to make sure there
+ * are only these 2 types of calls into the resources:
+ *      for a in `find com/sun/security sun/security javax/security -type f`; do
+ *          cat $a | perl -ne 'print if /\bResourcesMgr\b/'; done |
+ *          grep -v ResourcesMgr.getString
+ *      for a in `find com/sun/security sun/security -type f`; do
+ *          cat $a | perl -ne 'print if /\brb\b/'; done |
+ *          grep -v rb.getString
+ */
+class NewResourcesNames {
+
+    // Max length of normalized names
+    static int MAXLEN = 127;
+
+    static String[] resources = {
+        "sun/security/tools/JarSignerResources.java",
+        "sun/security/util/Resources.java",
+        "sun/security/util/AuthResources.java",
+    };
+
+    public static void main(String[] args) throws Exception {
+
+        // Load all names inside resources files
+        Map<String,String> allnames = loadResources();
+
+        // Modify the callers. There are two patterns:
+        // 1. ResourcesMgr.getString("
+        //    used by most JAAS codes
+        // 2. rb.getString("
+        //    used by tools
+        Set<String> allfound = new HashSet<String>();
+        for (String arg: args) {
+            allfound.addAll(rewriteFile(arg, "ResourcesMgr.getString(\""));
+            allfound.addAll(rewriteFile(arg, "rb.getString(\""));
+        }
+
+        // Special case 1: KeyTool's enum definition of commands and options
+        allfound.addAll(keyToolEnums());
+
+        // Special case 2: PolicyFile called this 4 times
+        allfound.addAll(rewriteFile("sun/security/provider/PolicyFile.java",
+                "ResourcesMgr.getString(POLICY+\""));
+
+        // During the calls above, you can read sth like:
+        //
+        //      Working on com/sun/security/auth/PolicyParser.java
+        //          GOOD  match is 17
+        //
+        // This means a " exists right after getString(. Sometimes you see
+        //
+        //      Working on sun/security/tools/KeyTool.java
+        //          BAD!! pmatch != match: 212 != 209
+        //      Working on sun/security/provider/PolicyFile.java
+        //          BAD!! pmatch != match: 14 != 10
+        //
+        // which is mismatch. There are only two such special cases list above.
+        // For KeyTool, there are 3 calls for showing help. For PolicyTool, 3
+        // for name prefixed with POLICY. They are covered in the two special
+        // cases above.
+
+        // Names used but not defined. This is mostly error, except for
+        // special case 2 above. So it's OK to see 3 entries red here
+        if (!allnames.keySet().containsAll(allfound)) {
+            err("FATAL: Undefined names");
+            for (String name: allfound) {
+                if (!allnames.keySet().contains(name)) {
+                    err("   " + name);
+                }
+            }
+        }
+
+        // Names defined but not used. Mostly this is old entries not removed.
+        // When soemone remove a line of code, he dares not remove the entry
+        // in case it's also used somewhere else.
+        if (!allfound.containsAll(allnames.keySet())) {
+            System.err.println("WARNING: Unused names");
+            for (String name: allnames.keySet()) {
+                if (!allfound.contains(name)) {
+                    System.err.println(allnames.get(name));
+                    System.err.println("  " + normalize(name));
+                    System.err.println("  [" + name + "]");
+                }
+            }
+        }
+    }
+
+
+    /**
+     * Loads the three resources files. Saves names into a Map.
+     */
+    private static Map<String,String> loadResources() throws Exception {
+
+        // Name vs Resource
+        Map<String,String> allnames = new HashMap<String,String>();
+
+        for (String f: resources) {
+            String clazz =
+                    f.replace('/', '.').substring(0, f.length()-5);
+
+            Set<String> expected = loadClass(clazz);
+            Set<String> found = rewriteFile(f, "{\"");
+
+            // This is to check that word parsing is identical to Java thinks
+            if (!expected.equals(found)) {
+                throw new Exception("Expected and found do not match");
+            }
+
+            for (String name: found) {
+                allnames.put(name, f);
+            }
+        }
+        return allnames;
+    }
+
+    /**
+     * Special case treat for enums description in KeyTool
+     */
+    private static Set<String> keyToolEnums() throws Exception {
+
+        Set<String> names = new HashSet<String>();
+
+        String file = "sun/security/tools/KeyTool.java";
+        System.err.println("Working on " + file);
+        File origFile = new File(file);
+        File tmpFile = new File(file + ".tmp");
+        origFile.renameTo(tmpFile);
+        tmpFile.deleteOnExit();
+
+        BufferedReader br = new BufferedReader(
+                new InputStreamReader(new FileInputStream(tmpFile)));
+        PrintWriter out = new PrintWriter(new FileOutputStream(origFile));
+
+        int stage = 0;  // 1. commands, 2. options, 3. finished
+        int match = 0;
+
+        while (true) {
+            String s = br.readLine();
+            if (s == null) {
+                break;
+            }
+            if (s.indexOf("enum Command") >= 0) stage = 1;
+            else if (s.indexOf("enum Option") >= 0) stage = 2;
+            else if (s.indexOf("private static final String JKS") >= 0) stage = 3;
+
+            if (stage == 1 || stage == 2) {
+                if (s.indexOf("(\"") >= 0) {
+                    match++;
+                    int p1, p2;
+                    if (stage == 1) {
+                        p1 = s.indexOf("\"");
+                        p2 = s.indexOf("\"", p1+1);
+                    } else {
+                        p2 = s.lastIndexOf("\"");
+                        p1 = s.lastIndexOf("\"", p2-1);
+                    }
+                    String name = s.substring(p1+1, p2);
+                    names.add(name);
+                    out.println(s.substring(0, p1+1) +
+                            normalize(name) +
+                            s.substring(p2));
+                } else {
+                    out.println(s);
+                }
+            } else {
+                out.println(s);
+            }
+        }
+        br.close();
+        out.close();
+        System.err.println("    GOOD  match is " + match);
+        return names;
+    }
+
+    /**
+     * Loads a resources using JRE and returns the names
+     */
+    private static Set<String> loadClass(String clazz) throws Exception {
+        ListResourceBundle lrb =
+                (ListResourceBundle)Class.forName(clazz).newInstance();
+        Set<String> keys = lrb.keySet();
+        Map<String,String> newold = new HashMap<String,String>();
+        boolean dup = false;
+        // Check if normalize() creates dup entries. This is crucial.
+        for (String k: keys) {
+            String key = normalize(k);
+            if (newold.containsKey(key)) {
+                err("Dup found for " + key + ":");
+                err("["+newold.get(key)+"]");
+                err("["+k+"]");
+                dup = true;
+            }
+            newold.put(key, k);
+        }
+        if (dup) throw new Exception();
+        return keys;
+    }
+
+    /**
+     * Rewrites a file using a pattern. The name string should be right after
+     * the pattern. Note: pattern ignores whitespaces. Returns names found.
+     */
+    private static Set<String> rewriteFile(String file, String pattern)
+            throws Exception {
+
+        System.err.println("Working on " + file);
+        Set<String> names = new HashSet<String>();
+
+        int plen = pattern.length();
+        int match = 0;
+
+        // The bare XXX.getString is also matched. Sometimes getString is
+        // called but does not use literal strings. This is harder to solve.
+
+        int pmatch = 0;
+        int pheadlen = plen - 2;
+        String phead = pattern.substring(0, plen-2);
+
+        // The non-whitespace chars read since, used to check for pattern
+        StringBuilder history = new StringBuilder();
+        int hlen = 0;
+
+        File origFile = new File(file);
+        File tmpFile = new File(file + ".tmp");
+        origFile.renameTo(tmpFile);
+        tmpFile.deleteOnExit();
+
+        FileInputStream fis = new FileInputStream(tmpFile);
+        FileOutputStream fos = new FileOutputStream(origFile);
+
+        while (true) {
+            int ch = fis.read();
+            if (ch < 0) break;
+            if (!Character.isWhitespace(ch)) {
+                history.append((char)ch);
+                hlen++;
+                if (pheadlen > 0 && hlen >= pheadlen &&
+                        history.substring(hlen-pheadlen, hlen).equals(phead)) {
+                    pmatch++;
+                }
+            }
+
+            if (hlen >= plen &&
+                    history.substring(hlen-plen, hlen).equals(pattern)) {
+                match++;
+                history = new StringBuilder();
+                hlen = 0;
+
+                fos.write(ch);
+
+                // Save a name
+                StringBuilder sb = new StringBuilder();
+                // Save things after the second ". Maybe it's an end, maybe
+                // it's just literal string concatenation.
+                StringBuilder tail = new StringBuilder();
+
+                boolean in = true;  // inside name string
+                while (true) {
+                    int n = fis.read();
+                    if (in) {
+                        if (n == '\\') {
+                            int second = fis.read();
+                            switch (second) {
+                                case 'n': sb.append('\n'); break;
+                                case 'r': sb.append('\r'); break;
+                                case 't': sb.append('\t'); break;
+                                case '"': sb.append('"'); break;
+                                default: throw new Exception(String.format(
+                                        "I don't know this escape: %s%c",
+                                        sb.toString(), second));
+                            }
+                        } else if (n == '"') {
+                            in = false;
+                            // Maybe string concat? say bytes until clear
+                            tail = new StringBuilder();
+                            tail.append('"');
+                        } else {
+                            sb.append((char)n);
+                        }
+                    } else {
+                        tail.append((char)n);
+                        if (n == '"') { // string concat, in again
+                            in = true;
+                        } else if (n == ',' || n == ')') {  // real end
+                            break;
+                        } else if (Character.isWhitespace(n) || n == '+') {
+                            // string concat
+                        } else {
+                            throw new Exception("Not a correct concat");
+                        }
+                    }
+                }
+                String s = sb.toString();
+                names.add(s);
+                fos.write(normalize(s).getBytes());
+                fos.write(tail.toString().getBytes());
+            } else {
+                fos.write(ch);
+            }
+        }
+
+        // Check pheadlen > 0. Don't want to mess with rewrite for resources
+        if (pheadlen > 0 && pmatch != match) {
+            err("    BAD!! pmatch != match: " + pmatch + " != " + match);
+        } else {
+            System.err.println("    GOOD  match is " + match);
+        }
+
+        fis.close();
+        fos.close();
+        return names;
+    }
+
+    /**
+     * Normalize a string. Rules:
+     *
+     * 1. If all spacebar return "nSPACE", n is count
+     * 2. If consisting at least one alphanumeric:
+     *   a. All alphanumeric remain
+     *   b. All others in a row goes to a single ".", even if at head or tail
+     * 3. Otherwise:
+     *   a. "****\n\n" to "STARNN", special case
+     *   b. the English name if first char in *,.\n():'"
+     *
+     * Current observations show there's no dup, Hurray! Otherwise, add more
+     * special cases.
+     */
+    private static String normalize(String s) throws Exception {
+        boolean needDot = false;
+
+        // All spacebar case
+        int n = 0;
+        for (char c: s.toCharArray()) {
+            if (c == ' ') n++;
+            else n = -10000;
+        }
+        if (n == 1) return "SPACE";
+        else if (n > 1) return "" + n + "SPACE";
+
+        StringBuilder sb = new StringBuilder();
+        int dotpos = -1;
+        for (int i=0; i<s.length(); i++) {
+            char c = s.charAt(i);
+            if (Character.isLetter(c) || Character.isDigit(c) ||
+                    c == '{' || c == '}') {
+                if (needDot) {
+                    // Rememeber the last dot, we want shorter form nice
+                    if (sb.length() <= MAXLEN) dotpos = sb.length();
+                    // "." only added when an alphanumeric is seen. This makes
+                    // sure sb is empty when there's no alphanumerics at all
+                    sb.append(".");
+                }
+                sb.append(c);
+                needDot = false;
+            } else {
+                needDot = true;
+            }
+        }
+
+        // No alphanemeric?
+        if (sb.length() == 0) {
+            if (s.contains("*") && s.contains("\n")) {
+                return "STARNN";
+            }
+            for (char c: s.toCharArray()) {
+                switch (c) {
+                    case '*': return "STAR";
+                    case ',': return "COMMA";
+                    case '.': return "PERIOD";
+                    case '\n': return "NEWLINE";
+                    case '(': return "LPARAM";
+                    case ')': return "RPARAM";
+                    case ':': return "COLON";
+                    case '\'': case '"': return "QUOTE";
+                }
+            }
+            throw new Exception("Unnamed char: [" + s + "]");
+        }
+
+        // tail "." only added when there are alphanumerics
+        if (needDot) sb.append('.');
+        String res = sb.toString();
+        if (res.length() > MAXLEN) {
+            if (dotpos < 0) throw new Exception("No dot all over? " + s);
+            return res.substring(0, dotpos);
+        } else {
+            return res;
+        }
+    }
+
+    private static void err(String string) {
+        System.out.println("\u001b[1;37;41m" + string + "\u001b[m");
+    }
+}