* Sean Mullan: > Please review the following list: > http://cr.openjdk.java.net/~mullan/5001004/review.00/StandardNames.html#impl
"SHA-1" or "SHA1"? (Our code uses "SHA1" for some reason, perhaps for consistency with "HmacSHA1".) I think the TLSv1 cipher suite list is effectively much longer. Correct? There should also be some sort of factory to obtain the predefined algorithms. Instantiation through the framework is quite slow. For message digests, we currently rely on cloning a prototype object of the appropriate digest. SecureRandom is still underspecified. Most applications want an algorithm which cannot block and will not wait for true, physical randomness to arrive. If such applications accidentally use a blocking generator (such as /dev/random on Linux without special hardware support), then things don't work at all, and perhaps developers will use java.util.Random instead. -- Florian Weimer <[email protected]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
