[security-dev 01163]: Re: PING 1: [PATCH FOR REVIEW]: Elliptic Curve Cryptography in OpenJDK6 with NSS
Joe Darcy
Joe.Darcy at Sun.COM
Tue Sep 1 20:39:09 UTC 2009
Andrew John Hughes wrote:
> 2009/8/28 Andrew John Hughes <gnu_andrew at member.fsf.org>:
>> In OpenJDK6, the elliptic curve cryptography algorithms are available
>> if the PKCS11 provider is configured to point to NSS. See:
>>
>> http://blogs.sun.com/andreas/entry/the_java_pkcs_11_provider
>>
>> If NSS is configured as specified in this blog, keytool can be used to
>> generate a key as follows:
Hello.
Allowing keytool and friends to work in more cases if the provider is
capable seems fine to me.
Security team, do you have concerns about this patch?
Thanks,
-Joe
More information about the security-dev
mailing list