RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v21]
Jim Laskey
jlaskey at openjdk.java.net
Sat Feb 20 15:20:42 UTC 2021
On Sat, 20 Feb 2021 00:09:51 GMT, Joe Darcy <darcy at openjdk.org> wrote:
>> Jim Laskey has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Remove tabs from random/package-info.java
>
> src/java.base/share/classes/java/util/random/package-info.java line 193:
>
>> 191: *
>> 192: *
>> 193: * <h2><a id="algorithms">Random Number Generator Algorithms Available in Java SE</a></h2>
>
> Some comments and questions on the spec status of this table: is the intentional to require all of these algorithms in all compliant implementation of Java SE or just in the JDK reference implementation? Is the list intended to be exhaustive, meaning no other algorithms should be findable?
>
> I recommend clarifying the intended Java SE vs JDK status here. Also, I recommend including wording along the lines of "this list may change in the future" and "an implementation may provide additional algorithms" etc.
>
> Also, to aid future evolution of the set of algorithms, was there consideration of an "isDeprecated" predicate so that algorithms could be so-marked for a while before being dropped?
Precise advice on wording please. The table reflect algorithms guaranteed findable in JDK 17. Whether they are required in all other deployments is something the CSR review should define. "this list may change in the future" is a good idea.
Not sure "isDeprecated" can be done in a meaningful way. This would require that users would have to add that filter to every query or have all() not include deprecated algorithms. Better to be prepared to handle not finding the algorithm.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1292
More information about the security-dev
mailing list