On 14 Jun 2013, at 18:40, Michael StJohns wrote:

> That's what I get for pawing around in the JDK7 code instead of the JDK8 
> code... 
> 
> I'm surprised this is a sub interface to private key etc rather than just 
> having this added to the sun implementations.    Doing it this way isn't 
> backwards compatible and is going to blow up a number of other providers. 

JDK8 gives us magical default methods - so no blow ups.


> Also, there are keys where you really can't destroy them without physically 
> destroying the container.

Right. Not all implementation classes will be able to take advantage of this.


> 
> In any event - thanks!
> 
> Mike
> 
> 
> 
> 
> 
> At 01:17 PM 6/14/2013, Vincent Ryan wrote:
>> Thanks Mike. Both those classes were extended, as you suggest, for JDK 8:
>>   http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/8ee6d45348ba
>> 
>> A separate effort is also underway to enhance the classes that implement
>> SecretKey and PrivateKey.
>> 
>> Applications may first check whether a key class is an instance of 
>> Destroyable
>> or they may call the key's destroy method and handle the possible exception.
>> 
>> 
>> On 14 Jun 2013, at 17:42, Michael StJohns wrote:
>> 
>>> Generic questions for possible future work:
>>> 
>>> As a general guideline, would it make sense to add 
>>> javax.security.auth.Destroyable to the set of interfaces for SecretKey and 
>>> PrivateKey implementation objects where possible?
>>> 
>>> Should the methods that use secret and private keys check to see if those 
>>> keys implement the Destroyable interface to see if they should call 
>>> isDestroyed() from that interface prior to using the key?
>>> 
>>> Mike
> 

Reply via email to