Your fix looks fine. Thanks.
> On 1 Mar 2016, at 19:21, Sean Mullan <sean.mul...@oracle.com> wrote: > > Updated webrev: http://cr.openjdk.java.net/~mullan/webrevs/8138653/webrev.01/ > > The following changes have been made: > > - The default key size for DSA has not been changed (stays at 1024) due to > the high risk of breaking compatibility with applications still using > SHA1withDSA (key sizes larger than 1024 may be incompatible and rejected). We > will wait on this one for now. > > - The SunPKCS11 default size for RSA keys has been increased to 2048. > > - A bug in the PKCS11 tests was fixed which caused the version of newer NSS > libraries to be unrecognized. > > --Sean > > On 02/24/2016 09:54 AM, Sean Mullan wrote: >> Please review this fix to improve security defaults by increasing the >> default keysize of the RSA, DSA, and DiffieHellman implementations of >> AlgorithmParameterGenerator and KeyPairGenerator from 1024 to 2048 bits: >> >> http://cr.openjdk.java.net/~mullan/webrevs/8138653/webrev.00/ >> >> Thanks, >> Sean >>
