<!DOCTYPE html><html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
FYI <br>
<div class="moz-forward-container"><br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>Proposal: Support Wayland and add KEM APIs</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
<td>Tue, 16 Apr 2024 15:00:31 +0000</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
<td>Iris Clark <a class="moz-txt-link-rfc2396E" href="mailto:iris.clark@oracle.com"><iris.clark@oracle.com></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:jdk8u-dev@openjdk.org">jdk8u-dev@openjdk.org</a> <a class="moz-txt-link-rfc2396E" href="mailto:jdk8u-dev@openjdk.org"><jdk8u-dev@openjdk.org></a>,
<a class="moz-txt-link-abbreviated" href="mailto:jdk-updates-dev@openjdk.org">jdk-updates-dev@openjdk.org</a>
<a class="moz-txt-link-rfc2396E" href="mailto:jdk-updates-dev@openjdk.org"><jdk-updates-dev@openjdk.org></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">CC: </th>
<td>Iris Clark <a class="moz-txt-link-rfc2396E" href="mailto:iris.clark@oracle.com"><iris.clark@oracle.com></a></td>
</tr>
</tbody>
</table>
<br>
<br>
In November 2023, Red Hat announced [0] their intent to remove the
Xorg server<br>
from RHEL 10; therefore, only Wayland will be supported in RHEL 10
and<br>
subsequent releases. Other Linux distributions may choose a
similar path.<br>
<br>
This will be an issue for Java SE 8, 11, and 17 as they only
support the Xorg<br>
server.<br>
<br>
- (JSRs 337, 384, 392) The Java SE 8, 11, and 17 specifications of<br>
java.awt.Robot make several assumptions about programmatic access
to the<br>
desktop and related behaviours which may not be valid due to
restrictions<br>
in underlying environments such as Wayland. In Java SE 21, the<br>
specification was amended to allow operations to degrade or fail.
This<br>
specification change alone is sufficient to allow for variances in
desktop<br>
behaviour. [1]<br>
<br>
We would also like to add support in Java SE 17 for functionality
required by<br>
some Post-Quantum Cryptographic (PQC) algorithms. The following
new APIs are<br>
necessary to support all of the candidate algorithms currently
identified by<br>
the U.S. National Institute of Standards and Technology (NIST) for
PQC<br>
standardization. This will be an issue as:<br>
<br>
- (JSR 392) KEM APIs were added to Java SE 21 with JEP 452 (Key<br>
Encapsulation Mechanism (KEM) API) [2]. They support secure
encryption<br>
techniques to derive symmetric keys using public key cryptography.
None<br>
of the existing cryptographic APIs in the Java Platform are
capable of<br>
representing KEMs in a natural way. [3]<br>
<br>
Finally, we would like to add the system property<br>
"java.specification.maintenance.version" to Java SE 17, thus
aligning it with<br>
Java SE 8, Java SE 11, and releases Java SE 19 and beyond. The
issue is:<br>
<br>
- (JSR 392) The Java SE 17 Specification does not have a
programmatic means<br>
to identify whether a JDK is implementing an original, or
maintenance<br>
release of the Java SE specification. The system property<br>
"java.specification.maintenance.version" was added in Java SE 19
and<br>
subsequently backported to Java SE 8 via MR 4 and Java SE 11 via
MR 2. [4]<br>
<br>
To resolve these issues for future JDK updates, I'll shortly
propose<br>
Maintenance Releases of the Java SE 8 [5], the Java SE 11 [6], and
Java SE 17<br>
[7] Platform JSRs in the JCP. For Java SE 8 and Java SE 11, this
will require<br>
updates to the Specification only; for Java SE 17 this will
require updates to<br>
the Specification, the Reference Implementation (RI), and the TCK.
These will<br>
be provided by me and my Oracle colleagues. I expect the
Maintenance Release<br>
process to complete by July 2024, in time for these changes to be
merged into<br>
the October security releases of JDK 8, JDK 11, and JDK 17.<br>
<br>
Following the standard practice, we will base the open-source RI
on the most<br>
recent RI for the release, rather than the most recent JDK Updates
release.<br>
We propose to label the RI build as "17.0.0.1" in order to convey
that it is<br>
outside the contemporary train of update releases. It is neither
meant for<br>
production use, nor will it be updated with security fixes.<br>
<br>
If it's not too much work, we'll also contribute the changes
required by these<br>
MRs to the next appropriate JDK 8, 11, and 17 Updates releases
(most likely<br>
8u432, 11.0.25, and 17.0.13 respectively). We do not plan to
backport the<br>
DH-Based KEM implementation that was included in JEP 452.<br>
<br>
Comments?<br>
<br>
Iris<br>
<br>
[0]:
<a class="moz-txt-link-freetext" href="https://www.redhat.com/en/blog/rhel-10-plans-wayland-and-xorg-server">https://www.redhat.com/en/blog/rhel-10-plans-wayland-and-xorg-server</a><br>
[1]: <a class="moz-txt-link-freetext" href="https://bugs.openjdk.org/browse/JDK-8308012">https://bugs.openjdk.org/browse/JDK-8308012</a> [Robot]<br>
[2]: <a class="moz-txt-link-freetext" href="https://openjdk.org/jeps/452">https://openjdk.org/jeps/452</a><br>
[3]: <a class="moz-txt-link-freetext" href="https://bugs.openjdk.org/browse/JDK-8305384">https://bugs.openjdk.org/browse/JDK-8305384</a> [KEM]<br>
[4]: <a class="moz-txt-link-freetext" href="https://bugs.openjdk.org/browse/JDK-8285764">https://bugs.openjdk.org/browse/JDK-8285764</a> [sys prop]<br>
[5]: <a class="moz-txt-link-freetext" href="https://jcp.org/en/jsr/detail?id=337">https://jcp.org/en/jsr/detail?id=337</a><br>
[6]: <a class="moz-txt-link-freetext" href="https://jcp.org/en/jsr/detail?id=384">https://jcp.org/en/jsr/detail?id=384</a><br>
[7]: <a class="moz-txt-link-freetext" href="https://jcp.org/en/jsr/detail?id=392">https://jcp.org/en/jsr/detail?id=392</a><br>
</div>
</body>
</html>