Ah yes there is that issue of course. I fully understand the reasoning behind that. Too bad so many out there don't consider patent encumbering when designing systems (such as ePassport as an example).
Cheers, Tomas On 12/16/2010 08:05 PM, Sean Mullan wrote: > Right, but there are ECC patents that each vendor needs to consider on > their own. Since these are requirements that all Java SE 7 > implementations would have to support, it did not seem appropriate to > make any ECC algorithms required or in general any algorithm that may be > protected by patents. > > --Sean > > On 12/16/2010 09:40 AM, Tomas Gustavsson wrote: >> >> I don't see any ECC algorithms. These are in wide use today to say the >> least. And will be so even more tomorrow (i.e. when Java SE 7 is out you >> can not live without it). >> >> Regards, >> Tomas >> >> On 12/15/2010 04:11 PM, Sean Mullan wrote: >>> Hello, >>> >>> Currently, the Java security APIs do not specify algorithm requirements >>> for implementations of Java SE. This makes it difficult to develop >>> conformance tests. Additionally, there is no guarantee that Java >>> applications using these algorithms can inter-operate. See bug 5001004 >>> for more information: >>> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=5001004 >>> >>> We will be addressing this issue in Java SE 7 by defining a list of >>> required algorithms that all implementations must support. This is the >>> criteria we used to decide if an algorithm should be required: >>> >>> a) the algorithm is required by the JRE itself (ex: when validating >>> signed jars) >>> b) the algorithm is required by a higher level Java SE API such as >>> JSSE/TLS or XML Signature >>> c) the algorithm is in wide use >>> >>> Please review the following list: >>> http://cr.openjdk.java.net/~mullan/5001004/review.00/StandardNames.html#impl >>> >>> >>> >>> >>> For each required algorithm, a corresponding section will be added to >>> the API class summary of the applicable engine class. For example, for >>> java.security.cert.CertificateFactory, the following paragraph will be >>> added: >>> >>> Every implementation of the Java platform is required to support the >>> following standard CertificateFactory type: >>> >>> * X.509 >>> >>> This type is described in the CertificateFactory section of the Java >>> Cryptography Architecture Standard Algorithm Names Document. Consult >>> the release documentation for your implementation to see if any other >>> types are supported. >>> >>> We are requesting feedback or any questions by December 22. >>> >>> Thanks, >>> Sean >>> >>> >>>
