[security-dev 01163]: Re: PING 1: [PATCH FOR REVIEW]: Elliptic Curve Cryptography in OpenJDK6 with NSS

Joe Darcy Joe.Darcy at Sun.COM
Tue Sep 1 13:39:09 PDT 2009

Andrew John Hughes wrote:
> 2009/8/28 Andrew John Hughes <gnu_andrew at member.fsf.org>:
>> In OpenJDK6, the elliptic curve cryptography algorithms are available
>> if the PKCS11 provider is configured to point to NSS. See:
>> http://blogs.sun.com/andreas/entry/the_java_pkcs_11_provider
>> If NSS is configured as specified in this blog, keytool can be used to
>> generate a key as follows:


Allowing keytool and friends to work in more cases if the provider is 
capable seems fine to me.

Security team, do you have concerns about this patch?



More information about the security-dev mailing list