Re: RFR [10]: JDK-8182484: Remove 1024-bit default requirement from javadoc of java.security.interfaces.DSAKeyPairGenerator

Tue, 21 Nov 2017 18:05:55 -0800 

Sure, webrev updated  and CSR moved to finalized state.

http://cr.openjdk.java.net/~valeriep/8182484/webrev.02/
Thanks,
Valerie

On 11/21/2017 9:28 AM, Sean Mullan wrote:

One more small comment:
  51  * <li>Check if the returned key pair generator is an instance of the 
  52  * DSAKeyPairGenerator interface before casting the result to a

I would just say "... instance of DSAKeyPairGenerator before ..."

--Sean

On 11/16/17 7:39 PM, Valerie Peng wrote:


Thanks for the feedback.
I have updated webrev to address your comments: http://cr.openjdk.java.net/~valeriep/8182484/webrev.01/ 
CSR has also been updated and proposed.
Valerie

On 11/14/2017 10:47 AM, Sean Mullan wrote:

On 11/8/17 6:47 PM, Valerie Peng wrote:

Hi, Sean,
I updated the webrev in place - now this change contains only javadoc update of DSAKeyPairGenerator interface. 
CSR has also been updated accordingly. Could you please take a look?


Sure.

  35  * DSAKeyPairGenerator, each provider must supply (and document) a
  36  * default initialization.
I suggest saying "should" instead of "must" since we can't really require this to be documented, esp. for a 3rd-party provider. Also I would say "each provider that implements this interface ...".
  52  * DSAKeyPairGenerator, then call one of the {@code initialize} methods
Slight rewording suggestion: "DSAKeyPairGenerator and calling one of the {@code initialize} methods" 

 103      * thrown. It is guaranteed that there will always be
 104      * default parameters for modulus lengths of 512, 1024, and 2048 bits.
I guess "guaranteed" is referring to any impl of DSAKeyPairGenerator, but it is kind of hard to enforce that if you are using a 3rd-party provider. I think we should consider just removing this sentence entirely and leaving the requirements up to the implementation. It's also unusual that we would require 512-bits, and hard-coding that might make it hard to remove later on. Minimally, I think we should remove 512. 

--Sean



Thanks,
Valerie

On 11/2/2017 6:24 PM, Valerie Peng wrote:

Sean,
Could you help review this RFE below? It's mainly the javadoc update of java.security.interfaces.DSAKeyPairGenerator which replaces the 1024-bit default value with provider-specific one and removal of the earlier changes for working around this javadoc limitation. I reused the wordings from existing security classes. 

RFE: https://bugs.openjdk.java.net/browse/JDK-8182484
Webrev: http://cr.openjdk.java.net/~valeriep/8182484/webrev.00/
CSR: https://bugs.openjdk.java.net/browse/JDK-8190569

Thanks,
Valerie

Reply via email to