[security-dev 01132]: Re: 6840752: Provide out-of-the-box support for ECC algorithms
Max (Weijun) Wang
Weijun.Wang at Sun.COM
Fri Aug 28 00:54:15 UTC 2009
On Aug 27, 2009, at 9:52 PM, Andrew John Hughes wrote:
> The problem is more the fact that it's an additional copy rather than
> using the system installation, which means it has to be patched for
> bugs and security fixes separately. For IcedTea, I'll look at
> providing and using the option of using the system NSS and will also
> submit this for review here if there is interest in providing such an
> option.
Since Java security is already provider based, I guess you can simply
write one provider named NSS and remove all other
security.provider.<n> lines in jre/lib/security/java.security.
Max
More information about the security-dev
mailing list