RFR: 8315487: Security Providers Filter [v13]
Anthony Scarpino
ascarpino at openjdk.org
Tue Dec 17 17:11:44 UTC 2024
On Tue, 17 Dec 2024 02:50:21 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
> I agree that this proposal cannot solve all situation. But can it address the situations that FIPS approval can be granted? Otherwise, this proposal might just look great but no one can use it.
@martinuy mostly answered your question, but I just wanted to state the JDK is not getting a FIPS 140 validation. The FIPS boundary and all the requirements are the responsibility of the provider. FIPS providers are a consumer of this filter, but it is the admin's responsibility to set the filter correctly for FIPS or their situation.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/15539#issuecomment-2549065042
More information about the core-libs-dev
mailing list