Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-5001004

Required Security Algorithms need to be defined

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b130
    • CPU:
      sparc
    • OS:
      solaris_9
    • Verification:
      Verified

      Description

      The API specifications for java.security, java.security.cert, and javax.crypto packages do not specify requirements for security algorithms and algorithm-specific requirements (e.g. encryption strength).
       
      This issue makes it difficult to develop conformance tests. In an extreme case, an implementation can use very weak algorithms and still be considered a valid implementation according to the current javadoc API specification.
       
      Furthermore, there is currently no guarantee that applications can interoperate. We need to specify a minimum level of required algorithms and parameters that all JRE implementations must support. This will improve interoperability and guarantee a minimum set of algorithms that all Java applications can depend on.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              pjr Paul Rank (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: