Looks fine to me. I added myself as reviewer.
Xuelei
On 12/6/2019 12:24 PM, Sean Mullan wrote:
Please review this change to deprecate, and eventually remove the native
legacy implementations of elliptic curves in the SunEC provider.
These curves are not implemented using modern formulas and techniques.
We have already replaced some of these curves (secp256r1, secp384r1, and
secp512r1) with a more modern implementation -- see JDK-8208698 [1] for
more details.
With a few exceptions, the remaining curves are rarely used in practice.
It does not make sense to invest what would be a significant amount of
resources to replace all of them. Most of these curves have also been
deprecated or obsoleted by TLS specifications - see RFC 8446 [2] and RFC
8422 [3].
If time and resources permit, a small number of them may be replaced
with more modern implementations.
Only the CSR needs to be reviewed since this is a docs-only change:
https://bugs.openjdk.java.net/browse/JDK-8235184
Thanks,
Sean
[1] https://bugs.openjdk.java.net/browse/JDK-8208698
[2] https://tools.ietf.org/html/rfc8446#appendix-B.3.1.4
[3] https://tools.ietf.org/html/rfc8422#section-5.1.1
