RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions
Sean Mullan
sean.mullan at oracle.com
Thu Jan 17 22:38:03 UTC 2019
To address some concerns raised during the CSR [1] review, I have
adjusted the proposed wording to recommend that, as a best practice (and
not as a requirement), implementations should use standard names for
additional algorithms that they choose to support if those standard
names are defined in later versions of the Java Security Standard
Algorithm Names specification. I have also added text to recommend that
the algorithms that an implementation supports be documented in release
notes or a separate document similar to the JDK Providers guide.
Please let me know if you have any comments on this updated text, which
is as follows:
"Note that an SE implementation may support additional algorithms
that are not defined in this specification. As a best practice, if an
algorithm is defined in a subsequent version of this specification and
an implementation of an earlier specification supports that algorithm,
the implementation should use the standard name of the algorithm
that is defined in the subsequent specification. Each SE implementation
should also document the algorithms that it supports or adds support
for in subsequent update releases. The algorithms may be documented
in release notes or in a separate document such as the JDK Security
Providers document."
Thanks,
Sean
[1] https://bugs.openjdk.java.net/browse/JDK-8215320
On 1/2/19 4:37 PM, Iris Clark wrote:
> Hi, Sean.
>
> These changes look good.
>
> Thanks,
> iris
>
> -----Original Message-----
> From: Sean Mullan
> Sent: Wednesday, January 2, 2019 12:43 PM
> To: security Dev OpenJDK <security-dev at openjdk.java.net>; IRIS,CLARK <iris.clark at oracle.com>
> Subject: RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions
>
> Please review this change to the Java Security Standard Algorithm Names specification [1] to clarify that standard names that are defined in later versions of SE are also supported in prior versions, as long as the applicable Security APIs are also supported.
>
> Please see the CSR for the motivation and exact wording changes:
> https://bugs.openjdk.java.net/browse/JDK-8215320
>
> This change will also be included in the upcoming Maintenance Reviews of the Java SE 8 and 11 Platform JSRs. See [2] for more information.
>
> I have also included the raw diffs below:
>
> diff -r 8829e86def29
> closed/src/java.base/share/specs/security/standard-names.md
> --- a/closed/src/java.base/share/specs/security/standard-names.md
> Thu Dec 20 14:21:16 2018 -0500
> +++ b/closed/src/java.base/share/specs/security/standard-names.md
> Wed Jan 02 15:39:12 2019 -0500
> @@ -20,6 +20,10 @@
> The Java SE Security API requires and uses a set of standard names for
> algorithms, certificate and keystore types.
>
> +Names that are added to subsequent Java SE versions of this
> +specification also apply to this version of the specification if the
> +Security APIs that those names are defined for are supported.
> +
> In some cases naming conventions are given for forming names that are not
> explicitly listed, to facilitate name consistency across provider
> implementations. Items in angle brackets (such as `<digest>` and
>
> --Sean
>
> [1]
> https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html
> [2]
> https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2018-December/000308.html
>
More information about the security-dev
mailing list