Yuck lawyers :-)
I think the lawyers have already answered. The huge explanation in the
java.security file covers our responsibilities and where the user's
responsibilities starts. I believe what I'm talking about is just
implementation details.
Tony
On 08/24/2016 07:08 PM, Weijun Wang wrote:
I guess we need a lawyer to answer this question. :-)
On 8/25/2016 9:58, Anthony Scarpino wrote:
So by having no crypto.policy defined we have no JCA? Does that mean no
operations at all (No MessageDigest, etc) or no restrictable crypto ops?
Since we know a limited number of countries have import issues, can we
make no crypto.policy property defined as unlimited policy? Defining
the property would be for only limiting the access. We could get rid of
the unlimited policy file and just ship a limited policy file.
Tony
