RFR: 8254935: Deprecate the PSSParameterSpec(int) constructor [v5]
Weijun Wang
weijun at openjdk.java.net
Fri Mar 25 21:52:48 UTC 2022
On Fri, 25 Mar 2022 21:34:28 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 78:
>>
>>> 76: * Please do not rely on {@code PSSParameterSpec.DEFAULT} unless these
>>> 77: * values are really what you want to use.
>>> 78: *
>>
>> I just read the whole class spec. Since the default values are already included on lines 38-41, I think there is no need to use so much words and we can just say "defined above".
>
> I am not sure if everyone reads the complete spec from class to fields and methods. Which part do you want to remove and just use "defined above"? Personally, I find "above" kind of vague... It's better to keep the comment near the field. Perhaps we should trim the class spec instead?
Almost the whole class spec is copied from PKCS #1 but at the end you have "defined in the ASN.1 encoding from the PKCS#1 standard", which might make people wonder if it is something else. If you don't want to remove anything, how about "defined in the ASN.1 encoding from the PKCS#1 standard above". It's verbose but not confusing.
BTW, on https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/security/spec/PSSParameterSpec.html, the whole "Note" is shown on one line. I guess that's not intended.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7913
More information about the security-dev
mailing list