[8u] Request for approval for CR 8215318 - Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions

Andrew Hughes gnu.andrew at redhat.com
Thu Jan 31 06:26:35 UTC 2019 

On Wed, 30 Jan 2019 at 20:35, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> On 1/30/19 11:00 AM, Andrew Hughes wrote:
> > On Mon, 28 Jan 2019 at 20:52, Sean Mullan <sean.mullan at oracle.com> wrote:
> >>
> >>
> >> Requesting approval to push to 8u. This is one of the changes proposed
> >> for the upcoming Java SE 8 Maintenance Review. This change is a
> >> clarification to the Java Security Standard Algorithm Names
> >> specification to allow implementations to support names that are defined
> >> in later revisions. The change is low risk (docs only). The patch has
> >> already been applied to JDK 12 and is the same for 11u and 8u. The CCC
> >> and CSR has already been approved for 8, 11 and 12.
> >>
> >> issue: https://bugs.openjdk.java.net/browse/JDK-8215318
> >>
> >> The public code review thread for the JDK 12 patch is at:
> >> https://mail.openjdk.java.net/pipermail/security-dev/2019-January/019114.html
> >>
> >> Note that this specification is currently in a closed repository, but we
> >> are requesting a public push approval since the changes will be publicly
> >> documented in the Java SE 8 Maintenance Review.
> >>
> >> Thanks,"Java SE Security API
> >> Sean
> >
> > Is there a webrev for this? I can't see a link to a changeset on the bug either.
>
> The specification has not yet been open sourced, so there is no
> changeset I can point you to. However, it will be included in the
> upcoming MR, so it is important that there is a public review and
> approval for the changes.
>
> The current JDK 8 version is
> https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html
>
> The changes that are proposed are the following:
>
> Add the following sentence to the first section ("Standard Names") of
> the Java Security Standard Algorithm Names specification:
>
>      Note that an SE implementation may support additional algorithms
>      that are not defined in this specification.  As a best practice, if an
>      algorithm is defined in a subsequent version of this specification and
>      an implementation of an earlier specification supports that algorithm,
>      the implementation should use the standard name of the algorithm
>      that is defined in the subsequent specification.  Each SE
> implementation
>      should also document the algorithms that it supports or adds support
>      for in subsequent update releases.  The algorithms may be documented
>      in release notes or in a separate document such as the JDK Security
>      Providers document.
>
> Also, the words "JDK Security API" in this section will be changed to
> "Java SE Security API" (this change has already been made in later SE
> releases).
>
> With these changes added, the beginning of the first section is now the
> following:
>
>      The Java SE Security API requires and uses a set of standard
>      names for algorithms, certificate and keystore types. This
>      specification establishes the following names as standard names.
>
>      Note that an SE implementation may support additional algorithms
>      that are not defined in this specification.  As a best practice, if an
>      algorithm is defined in a subsequent version of this specification and
>      an implementation of an earlier specification supports that algorithm,
>      the implementation should use the standard name of the algorithm
>      that is defined in the subsequent specification.  Each SE
> implementation
>      should also document the algorithms that it supports or adds support
>      for in subsequent update releases.  The algorithms may be documented
>      in release notes or in a separate document such as the JDK Security
>      Providers document.
>
>      In some cases naming conventions are given for forming names
>      that are not explicitly listed, to facilitate name consistency
>      across provider implementations. Items in angle brackets (such as
>      <digest> and <encryption>) are placeholders to be replaced by a
>      specific message digest, encryption algorithm, or other name.
>
>      Note: Standard names are not case-sensitive.
>
> Thanks,
> Sean
>

The changes seem relatively uncontroversial (though I fail to see
the difference between "JDK Security API" and "Java SE Security API").
However, I don't see how I can approve something which is not
even part of OpenJDK and thus, can't even see.
-- 
Andrew :)

Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Web Site: http://fuseyism.com
Twitter: https://twitter.com/gnu_andrew_java
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

More information about the jdk8u-dev mailing list