JEP260 -- Impact on SunPKCS11?
glen.vermeylen at telenet.be
glen.vermeylen at telenet.be
Mon Nov 16 12:13:15 UTC 2015
In the Devoxx presentation "Prepare for JDK9", the strategy for encapsulating "sun.* " packages is discussed.
The class sun.security.SunPkcs11 is not listed on slide 16 ("Uses of JDK-internal APIs"), but as the rest of sun.security.* is listed as "Non-critical, no replacement planned", will this also be case for SunPKCS11?
As far as I know there is no alternative security Provider for integrating with PKCS11 aside from rolling your own jni code or using vendor-specific apis.
We rely on SunPKCS for interfacing with an HSM and belgian e-id smartcard. And even though we are aware that touching sun.* is frowned upon, first search hit on "java pkcs11" gives following page: https://docs.oracle.com/javase/7/docs/technotes/guides/security/p11guide.html . With such elaborate documentation, you can't really blame devs to actually use this functionality :) .
Is there an alternative to SunPKCS11 or am I overlooking something?
Thanks for your response,
Glen Vermeylen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/jep-changes/attachments/20151116/a6773819/attachment.html>
More information about the jep-changes
mailing list