On Fri, 20 Dec 2024 01:54:29 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> OK. I have a minor concern: this factory seems primarily useful for HSMs, and > it’s unlikely that software-based providers would support it. Users should be > mindful of its intended use. I noticed the CSR already references its > connection to the CKK_GENERIC_SECRET type. You could clarify further that > this is specifically used by a PKCS#11 provider to "import" an external key > into a token. I believe we already agreed to address this in a separate > enhancement. I'll split this PR and clarify the intention for _Generic_ keys in the new CSR. @seanjmullan, based on what we discussed with Weijun, would you be open to making this PR dependent on the _Generic_ one? Otherwise, I'll have to trim the test and we will loose coverage. ------------- PR Comment: https://git.openjdk.org/jdk/pull/22215#issuecomment-2556126735
