Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8182484

Remove 1024-bit default requirement from javadoc of java.security.interfaces.DSAKeyPairGenerator

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 10
    • Component/s: security-libs
    • Labels:

      Description

      The DSAKeyPairGenerator class description currently says the following:

      "If no initialize method is called on a DSAKeyPairGenerator, the default is to generate 1024-bit keys, using precomputed p, q and g parameters and an instance of SecureRandom as the random bit source."

      1024-bit keys are no longer recommended. Ideally, this default requirement should be removed and it should be implementation-specific as to what size keys are generated. Suggest changing this to:

      "If no initialize method is called on a DSAKeyPairGenerator, the default is to generate keys of an implementation-specific size, using precomputed p, q and g parameters and an instance of SecureRandom as the random bit source. However, note that the default keysize may vary across different implementations and may change in a future version. Therefore, it is recommended to explicitly initialize the DSAKeyPairGenerator instead of relying on defaults."

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              valeriep Valerie Peng
              Reporter:
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: