> At some point (though not yet!), we'll find some reason why we need to bump > the minimum JDK version up to 7. While the signature stuff is fresh in mind, > is it worth raising a bug in bugzilla and noting down what'd be involved in > swapping from bouncy castle to javax.crypto when we do? That way, as and when > we have the need to move to a newer JDK/JVM, we've notes on how to reduce > dependencies when we do!
I've tried to use the jdk classes, but at a point I was confronted with using either internal sun.* packages, which partly weren't contained in the JRE, copying the sun sources or using bouncycastle. I don't think we will get rid of the bc jar in the near future - but this only applies to xml signature and extended hashing/cipher algorithm, so the dependencies for the typical use aren't affected Andi --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
