Thanks Mike. Both those classes were extended, as you suggest, for JDK 8: http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/8ee6d45348ba
A separate effort is also underway to enhance the classes that implement SecretKey and PrivateKey. Applications may first check whether a key class is an instance of Destroyable or they may call the key's destroy method and handle the possible exception. On 14 Jun 2013, at 17:42, Michael StJohns wrote: > Generic questions for possible future work: > > As a general guideline, would it make sense to add > javax.security.auth.Destroyable to the set of interfaces for SecretKey and > PrivateKey implementation objects where possible? > > Should the methods that use secret and private keys check to see if those > keys implement the Destroyable interface to see if they should call > isDestroyed() from that interface prior to using the key? > > Mike >
