[9] RFR: 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes

Sean Mullan sean.mullan at oracle.com
Thu Jan 29 15:27:16 UTC 2015


On 01/27/2015 05:40 PM, Michael StJohns wrote:
> So what I'm concerned with is surprise.  I'm also concerned with
> "default signature formats" from new providers.  Right now, I know if
> I ask for ECDSA, the output of Signature will be in a very specific
> format, and the math will match what's in FIPS 186-4, X9.62 and SECG.
> I'm really uncomfortable about changing that.  I think the algorithm
> name should map to one specific suite of math and input/output
> formats.

Yes, your argument makes sense, and we will change the fix to use new 
algorithm Strings that specify the P1363 format. Jason will be following 
up with more details on that.

Thanks for weighing in on this issue and spending the time to explain 
your concerns.

--Sean



More information about the security-dev mailing list