RFR: 8235710: Remove the legacy elliptic curves [v3]
Anthony Scarpino
ascarpino at openjdk.java.net
Thu Sep 24 21:52:53 UTC 2020
On Thu, 24 Sep 2020 21:37:14 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> jdk.disabled.namedCurves is commented out and I don't think it's good for every operation disabled algorithms call to
>> check an empty property. The description for the disabledAlgorithm properties say you have to use "include", so I
>> don't think it is necessary to we keep it active..
>
> I just think this is an unnecessary behavior change. After all, the purpose of `jdk.disabled.namedCurves` is to be
> included in other disabledAlgorithms properties.
> No strong opinion on this. Please decide yourself.
I understand what you are saying. The property only existed because there were so many curves that would have
overwhelmed the disabledAlgorithms. I also don't like making this a permanent addition to the disabledAlgorithm
properties. It's possible we may remove the property in the future as it's likely unnecessary going forward.
-------------
PR: https://git.openjdk.java.net/jdk/pull/289
More information about the security-dev
mailing list