On Aug 27, 2009, at 9:52 PM, Andrew John Hughes wrote:
The problem is more the fact that it's an additional copy rather than using the system installation, which means it has to be patched for bugs and security fixes separately. For IcedTea, I'll look at providing and using the option of using the system NSS and will also submit this for review here if there is interest in providing such an option.
Since Java security is already provider based, I guess you can simply write one provider named NSS and remove all other security.provider.<n> lines in jre/lib/security/java.security.
Max
