[7u40] Request for Phase 2 approval for 7165807: Non optimized initialization of NSS crypto library leads to scalability issue
Vincent Ryan
vincent.x.ryan at oracle.com
Mon Jun 24 04:40:44 PDT 2013
Hello all,
Please approve the following fix for 7u40:
Bug: http://bugs.sun.com/view_bug.do?bug_id=7165807
Webrev: http://cr.openjdk.java.net/~vinnie/7165807/webrev.01/
Code review: http://mail.openjdk.java.net/pipermail/security-dev/2013-June/007786.html
JDK 8 changeset: [under construction]
This fix modifies the SunPKCS11 JCE provider to initialize the Mozilla Network Security Services (NSS)
crypto library to favour performance over memory footprint, by default. A new SunPKCS11 configuration
flag 'nssOptimizeSpace' has been introduced to enable Java applications to revert to the old behaviour.
Note that this change affects only the NSS-specific mode of the SunPKCS11 provider. It makes it consistent
with the provider's regular behaviour which already initializes NSS to favour performance over memory
footprint.
Thanks.
More information about the jdk7u-dev
mailing list