It's OK to me. Thanks, Xuelei
On 9/15/2015 7:43 PM, Sean Mullan wrote: > On 09/04/2015 08:32 PM, Xuelei Fan wrote: >> Looks fine to me. > > One additional change. I have added PKIX as a required algorithm for > TrustManagerFactory. Please review the updated webrev: > > http://cr.openjdk.java.net/~mullan/webrevs/8015388/webrev.01/ > > Thanks, > Sean > >> >> Xuelei >> >> On 9/4/2015 11:51 PM, Sean Mullan wrote: >>> The JDK includes a list of required security algorithms that all >>> implementations must support: >>> http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#impl >>> >>> >>> >>> This list is reviewed before each major release to check if new >>> algorithms should be added (or existing algorithms removed). >>> >>> For JDK 9, we are proposing to add several new algorithms and keysizes >>> that are recommended by standards bodies for cryptographic operations >>> and security protocols. Adding these as requirements ensures that Java >>> applications can depend on them to be available on all Java 9 >>> implementations. The new requirements are: >>> >>> 1. Signature: SHA256withDSA >>> 2. KeyPairGenerator: DSA (2048), DiffieHellman (2048, 4096), RSA (4096) >>> 3. AlgorithmParameterGenerator: DSA (2048), DiffieHellman (2048, 4096) >>> 4. Cipher: AES/GCM/NoPadding (128), AES/GCM/PKCS5Padding (128) >>> 5. SSLContext: TLSv1.1, TLSv1.2 >>> >>> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8015388/webrev.00/ >>> >>> Thanks, >>> Sean >>
