On Wed, 7 Oct 2020 22:49:09 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> CSR looks good. In "Sepcification" section: a typo in 'Thr iteration counts >> used by'. At the end, it describes the new >> system property will override the security properties and use the older and >> weaker algorithms, so suggest we could also >> add text about setting the iteration counts to the default legacy values. > > CSR updated. More description, and iteration counts lowered to 10000. Will > update code soon. New commit updating ic to 10000. I also created separate constants for DEFAULT_CERT_PBE_ITERATION_COUNT and DEFAULT_KEY_PBE_ITERATION_COUNT. I haven't made the change for LEGACY_PBE_ITERATION_COUNT since they will never change. ------------- PR: https://git.openjdk.java.net/jdk/pull/473
