RFR: 8153005: Upgrade the default PKCS12 encryption/MAC algorithms

Weijun Wang weijun at openjdk.java.net
Thu Oct 8 06:50:31 UTC 2020


On Wed, 7 Oct 2020 22:20:07 GMT, Hai-May Chao <hchao at openjdk.org> wrote:

>> Looks good. Only minor comments.
>
> CSR looks good. In "Sepcification" section: a typo in 'Thr iteration counts used by'. At the end, it describes the new
> system property will override the security properties and use the older and weaker algorithms, so suggest we could also
> add text about setting the iteration counts to the default legacy values.

CSR updated. More description, and iteration counts lowered to 10000. Will update code soon.

-------------

PR: https://git.openjdk.java.net/jdk/pull/473



More information about the security-dev mailing list