<div class="socmaildefaultfont" dir="ltr" style="font-family:Arial;font-size:10.5pt" ><div dir="ltr" style="font-family:Arial;font-size:10.5pt" ><div dir="ltr" style="font-family:Arial;font-size:10.5pt" ><div dir="ltr" style="margin-top: 20px;" >I agree with John on this. There's also a third point:</div>
<div dir="ltr" style="margin-top: 20px;" ><div dir="ltr" >3. Java 9 (and later releases) still load jar files. Unless specialization is restricted to modules, relying on module boundaries for security isn't sufficient.</div>
<div dir="ltr" > </div>
<div dir="ltr" >Purely from an implementation perspective, I'd rather do a pointer comparison then a larger guid comparison. And I'd rather debug something with a name than matching guids.</div></div>
<div dir="ltr" style="margin-top: 20px;" >--<br>Bjørn Vårdal</div></div>
<div dir="ltr" > </div>
<div dir="ltr" > </div>
<blockquote data-history-content-modified="1" dir="ltr" style="border-left:solid #aaaaaa 2px; margin-left:5px; padding-left:5px; direction:ltr; margin-right:0px" >----- Original message -----<br>From: John Rose <john.r.rose@oracle.com><br>To: Peter Levart <peter.levart@gmail.com><br>Cc: Brian Goetz <brian.goetz@oracle.com>, Bjorn B Vardal/Ottawa/IBM@IBMCA, valhalla-spec-experts@openjdk.java.net<br>Subject: Re: Nestmates<br>Date: Thu, Feb 18, 2016 1:10 PM<br> <br><!--Notes ACF
<meta http-equiv="Content-Type" content="text/html charset=utf8" >-->On Feb 17, 2016, at 12:15 PM, Peter Levart <<a href="mailto:peter.levart@gmail.com" target="_blank" >peter.levart@gmail.com</a>> wrote:
<div><blockquote type="cite" >
<div><span>Suppose javac generates a random nest id for each nest (say 128 bit UUID). Two classes are nest-mates if they belong to the same module *and* share the same nest id.</span></div></blockquote></div>
<div>There are two parts to this proposal:</div>
<div> </div>
<div>1. New naming convention for nests, based on UUIDs. This is a new concept in the JVM, and would require new infrastructure to manage (generate, transcode, verify, reflect, debug). That means new bugs and new attack surfaces. In the absence of a decisive benefit, it's better to reuse existing name spaces, and (in particular) the JVM's type name dictionary.</div>
<div> </div>
<div>2. Unidirectional links. The UUID, being a pure identity with no content, does not contain a list of its nestlings. The nestlings point to the nest (via the UUID). Any class can inject itself into a nest (in the same package) simply by mentioning the appropriate UUID. Unidirectional linkage means that there is no way to enumerate a nest. This complicates some optimizations (based on sealed types). Security and seal-ability of nests is reduced to that of packages. PRIVATE becomes just an alias for default-scope access control.</div>
<div> </div>
<div>Sorry, but neither part of this is appealing to me, compared with the current proposal.</div>
<div> </div>
<div>— John</div></blockquote>
<div dir="ltr" > </div></div></div><BR>