On 08/24/2016 05:21 PM, Bradford Wetmore wrote: [...]
Sean Mullan wrote: > What about setting the default value to "limited"? And then this > would only be changed to "unlimited" if the build --enable-unlimited- > crypto option is specified? I could, but I'm concerned that a build with --enabled-unlimited-crypto would expect that the compiled-in version default would also be unlimited and would be surprised with limited. Upon Max's suggestion above, I've changed the name of the marker to "crypto.policy=crypto.policydir-tbd." Does that work for you?
So by having no crypto.policy defined we have no JCA? Does that mean no operations at all (No MessageDigest, etc) or no restrictable crypto ops?
Since we know a limited number of countries have import issues, can we make no crypto.policy property defined as unlimited policy? Defining the property would be for only limiting the access. We could get rid of the unlimited policy file and just ship a limited policy file.
Tony
