On 20/06/2023 9:08 pm, Andrew Dinn wrote:
We have already provided better ways to address security concerns
Maybe the documentation hasn't been updated, I can't find the "better
ways" to do authorization, unless it's not considered a security concern
any more. But I don't feel like
On 20/06/2023 9:04 pm, Ron Pressler wrote:
On 20 Jun 2023, at 06:26, Peter Firmstone wrote:
Don't get me wrong, it's good that OpenJDK is improving encapsulation, it's
just OpenJDK is also undoing years of tested and hardened API's,
You probably meant that as a bad thing, but I read it as
On Tue, 20 Jun 2023 10:55:12 GMT, Alan Bateman wrote:
> I think we've converged on the right motivation. If would be good to check if
> there are TLS tests that could run with --limit-modules java.base, that would
> give confidence that the API/implementation will work when the run-time image
On Mon, 19 Jun 2023 15:36:15 GMT, Cesar Soares Lucas
wrote:
> Can I ask what requirements are there for a product flag?
Product flags are treated as part of public API of the JVM. So, changes in
behavior have to through CSR process. Also, a product flag has to be
deprecated/obsoleted first
On 20/06/2023 11:27, Peter Firmstone wrote:
I understand the economic motivations behind the decision, call that a
corporate plot if you like. Do I have to be happy about it? No.
Well, no, actually ... I won't call it that. Indeed, you are signally
missing (or evading) my point with that
> On 20 Jun 2023, at 06:26, Peter Firmstone wrote:
>
> Don't get me wrong, it's good that OpenJDK is improving encapsulation, it's
> just OpenJDK is also undoing years of tested and hardened API's,
You probably meant that as a bad thing, but I read it as thank you for serving
your users!
On Tue, 20 Jun 2023 00:57:46 GMT, Sean Mullan wrote:
> > Maybe you are thinking about the size of libsunec or non-technical issues
> > that meant it wasn't included by some distributions? There weren't an issue
> > with deciding which providers to include to java.base. I think the
> >
On Tue, 13 Jun 2023 20:36:28 GMT, Anthony Scarpino
wrote:
> Hi,
>
> I need a code review for moving the contents of the jdk.crypto.ec module into
> java.base. This moves the SunEC JCE Provider (Elliptic Curve) into
> java.base. EC has always been separate from the base module/pkg because
I understand the economic motivations behind the decision, call that a
corporate plot if you like. Do I have to be happy about it? No.
There is no practical way to reimplement authorization, at the
application level, without some underlying support from the JVM, if I
remove it from my
On 19/06/2023 23:44, Peter Firmstone wrote:
OpenJDK dev's have worked hard to improve encapsulation, however OpenJDK
has made it abundantly clear, that even if the community could maintain
and improve a feature, corporate has the final say and will do whatever
they want anyway, as much as I
10 matches
Mail list logo