I just reviewed the new TrustManagerFactory, looks ok to me too.
Brad
On 9/15/2015 4:43 AM, Sean Mullan wrote:
On 09/04/2015 08:32 PM, Xuelei Fan wrote:
Looks fine to me.
One additional change. I have added PKIX as a required algorithm for
TrustManagerFactory. Please review the updated webrev:
http://cr.openjdk.java.net/~mullan/webrevs/8015388/webrev.01/
Thanks,
Sean
Xuelei
On 9/4/2015 11:51 PM, Sean Mullan wrote:
The JDK includes a list of required security algorithms that all
implementations must support:
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#impl
This list is reviewed before each major release to check if new
algorithms should be added (or existing algorithms removed).
For JDK 9, we are proposing to add several new algorithms and keysizes
that are recommended by standards bodies for cryptographic operations
and security protocols. Adding these as requirements ensures that Java
applications can depend on them to be available on all Java 9
implementations. The new requirements are:
1. Signature: SHA256withDSA
2. KeyPairGenerator: DSA (2048), DiffieHellman (2048, 4096), RSA (4096)
3. AlgorithmParameterGenerator: DSA (2048), DiffieHellman (2048, 4096)
4. Cipher: AES/GCM/NoPadding (128), AES/GCM/PKCS5Padding (128)
5. SSLContext: TLSv1.1, TLSv1.2
webrev: http://cr.openjdk.java.net/~mullan/webrevs/8015388/webrev.00/
Thanks,
Sean
