To address some concerns raised during the CSR [1] review, I have
adjusted the proposed wording to recommend that, as a best practice (and
not as a requirement), implementations should use standard names for
additional algorithms that they choose to support if those standard
names are defined in later versions of the Java Security Standard
Algorithm Names specification. I have also added text to recommend that
the algorithms that an implementation supports be documented in release
notes or a separate document similar to the JDK Providers guide.
Please let me know if you have any comments on this updated text, which
is as follows:
"Note that an SE implementation may support additional algorithms
that are not defined in this specification. As a best practice, if an
algorithm is defined in a subsequent version of this specification and
an implementation of an earlier specification supports that algorithm,
the implementation should use the standard name of the algorithm
that is defined in the subsequent specification. Each SE implementation
should also document the algorithms that it supports or adds support
for in subsequent update releases. The algorithms may be documented
in release notes or in a separate document such as the JDK Security
Providers document."
Thanks,
Sean
[1] https://bugs.openjdk.java.net/browse/JDK-8215320
On 1/2/19 4:37 PM, Iris Clark wrote:
Hi, Sean.
These changes look good.
Thanks,
iris
-----Original Message-----
From: Sean Mullan
Sent: Wednesday, January 2, 2019 12:43 PM
To: security Dev OpenJDK <security-dev@openjdk.java.net>; IRIS,CLARK
<iris.cl...@oracle.com>
Subject: RFR (12): 8215318: Amend the Standard Algorithm Names specification to
clarify that names can be defined in later versions
Please review this change to the Java Security Standard Algorithm Names
specification [1] to clarify that standard names that are defined in later
versions of SE are also supported in prior versions, as long as the applicable
Security APIs are also supported.
Please see the CSR for the motivation and exact wording changes:
https://bugs.openjdk.java.net/browse/JDK-8215320
This change will also be included in the upcoming Maintenance Reviews of the
Java SE 8 and 11 Platform JSRs. See [2] for more information.
I have also included the raw diffs below:
diff -r 8829e86def29
closed/src/java.base/share/specs/security/standard-names.md
--- a/closed/src/java.base/share/specs/security/standard-names.md
Thu Dec 20 14:21:16 2018 -0500
+++ b/closed/src/java.base/share/specs/security/standard-names.md
Wed Jan 02 15:39:12 2019 -0500
@@ -20,6 +20,10 @@
The Java SE Security API requires and uses a set of standard names for
algorithms, certificate and keystore types.
+Names that are added to subsequent Java SE versions of this
+specification also apply to this version of the specification if the
+Security APIs that those names are defined for are supported.
+
In some cases naming conventions are given for forming names that are not
explicitly listed, to facilitate name consistency across provider
implementations. Items in angle brackets (such as `<digest>` and
--Sean
[1]
https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html
[2]
https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2018-December/000308.html
