RFR: 8061842: Package jurisdiction policy files as something other than JAR
Anthony Scarpino
anthony.scarpino at oracle.com
Thu Aug 25 03:43:27 UTC 2016
Yuck lawyers :-)
I think the lawyers have already answered. The huge explanation in the
java.security file covers our responsibilities and where the user's
responsibilities starts. I believe what I'm talking about is just
implementation details.
Tony
On 08/24/2016 07:08 PM, Weijun Wang wrote:
> I guess we need a lawyer to answer this question. :-)
>
> On 8/25/2016 9:58, Anthony Scarpino wrote:
>> So by having no crypto.policy defined we have no JCA? Does that mean no
>> operations at all (No MessageDigest, etc) or no restrictable crypto ops?
>>
>> Since we know a limited number of countries have import issues, can we
>> make no crypto.policy property defined as unlimited policy? Defining
>> the property would be for only limiting the access. We could get rid of
>> the unlimited policy file and just ship a limited policy file.
>>
>> Tony
>>
More information about the security-dev
mailing list