Hi Gavin,

thank you - I believe this is https://bugs.openjdk.java.net/browse/JDK-7024850 and https://bugs.openjdk.java.net/browse/JDK-8170157 - a deliberate change.


Per the cryptographic roadmap at https://www.java.com/en/jre-jdk-cryptoroadmap.html, it is planned for the January 2018 CPU to enable the unlimited cryptographic policy by default for JDK 6, JDK 7 and JDK 8, too.

For discussions around that new default, please see http://mail.openjdk.java.net/pipermail/security-dev/2016-October/014942.html and related threads on security-dev mailing list at OpenJDK.

cheers,
dalibor topic

On 10.08.2017 03:22, Gavin McDonald wrote:
One piece of feedback for you.

conf/security/java.security

seems to have ‘crypto.policy=unlimited’ already turned on.

That seems backwards and imo should be set to ‘limited’ by default, especially considering this is way it has always been and also from reading the preceding text in that file.

I will provide our projects with both a limited and unlimited-security version for this b181.

HTH

Gav...

On 9 Aug 2017, at 8:38 am, Gavin McDonald <ga...@16degrees.com.au <mailto:ga...@16degrees.com.au>> wrote:

Hi Guys

For my part - my ‘project’ is ensuring these builds are available on the ASF Build Slaves which include 75+ jenkins nodes and 20+ Buildbot nodes.

https://github.com/apache/infrastructure-puppet/blob/deployment/modules/build_slaves/manifests/jenkins.pp#L23 <https://github.com/apache/infrastructure-puppet/blob/deployment/modules/build_slaves/manifests/jenkins.pp#L23>

currently the ‘latest’ build there is b179 installed not long ago, I will make sure to get b181 on all our jenkins/buildbot nodes today.

For those of you on the builds@ mailing list, please do change or create a build using this b181 and provide this list and Rory directly
with your feedback over the next few days.

My next mail will be me saying b181 is installed and ready to go….

Gav…

On 8 Aug 2017, at 7:39 pm, Rory O'Donnell <rory.odonn...@oracle.com <mailto:rory.odonn...@oracle.com>> wrote:


Hi Mark & Gavin,

Thank you very much for all your testing of JDK 9 during its development! Such contributions have significantly helped shape and improve JDK 9.

Now that we have reached the JDK 9 Final Release Candidate phase [1] , I would like to ask if your project can be considered to be 'ready for JDK 9', or if there are any remaining show stopper issues which you've encountered when testing with the JDK 9 release candidate.

JDK 9  b181 is available at http://jdk.java.net/9/

If you have a public web page, mailing list post, or even a tweet announcing you project's readiness for JDK 9, I'd love to add the URL to the upcoming JDK 9 readiness page on the Quality Outreach wiki.


Looking forward to hearing from you,
Rory

[1] http://openjdk.java.net/projects/jdk9/

--
Rgds,Rory O'Donnell
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland




--
<http://www.oracle.com> Dalibor Topic | Principal Product Manager
Phone: +494089091214 <tel:+494089091214> | Mobile: +491737185961
<tel:+491737185961>

ORACLE Deutschland B.V. & Co. KG | Kühnehöfe 5 | 22761 Hamburg

ORACLE Deutschland B.V. & Co. KG
Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Alexander van der Ven, Jan Schultheiss, Val Maher

<http://www.oracle.com/commitment> Oracle is committed to developing
practices and products that help protect the environment

Reply via email to