CFV: New Project: Brisbane

Denis Gauthier denis.gauthier at
Mon Mar 18 00:57:17 UTC 2024

I hereby propose the creation of Project Brisbane with Denis Gauthier (myself) as the Lead and the Security and Core Libraries groups as the sponsoring Group(s).
Project Brisbane proposes to create a Java Cryptographic Extension (JCE) provider for FIPS 140 [1] regulated environments. The provider will use the Foreign Function & Memory API [2] to encapsulate the FIPS 140 validated OpenSSL[3] library, and provide safeguards to ensure that it is used correctly. Brisbane will be based on Oracle Cloud Infrastructure (OCI) source code of an existing solution as the starting point for development.

As lead for the Oracle Cloud cryptography team, member of the OpenSSL Release Steering Committee[4], and core stakeholder of the OpenSSL 3.0 project to reinstate FIPS support in OpenSSL[5], my interest and involvement in this area dates back nearly a decade.

Proposed initial committers/reviewers include:

David Makepeace (Reviewer)
Eamon O’Dea (Reviewer)
Kapil Khattar (Committer)
Jaimee Brown (Committer)
Sean Mullan (Reviewer)
Anthony Scarpino (Reviewer)
Maurizio Cimadamore (Reviewer)
Per-ake Minborg (Reviewer)
Jorn Vernee (Reviewer)
Erik Joelsson (Reviewer)
Kevin Rushforth (Reviewer)
Aleksej Efimov (Committer)
Conor Cleary (Committer)
Darraugh Clarke (Committer)

Votes are due by 23:59 UTC on Tuesday, April 2nd.

Only current OpenJDK Members [6] are eligible to vote on this motion.  Votes must be cast in the open on the discuss list. Replying to this message is sufficient if your mail program honors the Reply-To header.

For Lazy Consensus voting instructions, see [7].




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the announce mailing list