harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Diego Mercado <mercadodi...@gmail.com>
Subject Re: [classlib] proposal to revisit componentization for security (was: Re: problems with security2)
Date Fri, 10 Feb 2006 16:45:15 GMT
javax.crypto is an "exportable" package: it's defined as an extension
(JCE) that has key and parameters' export restrictions defined in
JAVA_HOME/lib/security/local_policy.jar and
JAVA_HOME/lib/security/US_export_policy.jar

If you don't define such restrictions its make sense to merge JCE with JCA.

Regards,
Diego

On 2/10/06, Tim Ellison <t.p.ellison@gmail.com> wrote:
> Mikhail Loenko wrote:
> > What I'd like to propose is:
> >
> > 1. separate Authentication and Authorization stuff (javax.security
> > package) from general security
>
> Ok, so I can see this.
>
> > 2. unite crypto (java.security) and crypto extension (javax.crypto)
>
> but this makes no sense to me.  Why would you want to unite JCE with
> general security?  There is no close coupling afaict.
>
> How about
>  - general security
>  - crypto
>  - x-net
>  - jaas
>
> there may be good reason to want to replace crypto independently of
> general security.  Am I missing something?
>
> Regards,
> Tim
>
> --
>
> Tim Ellison (t.p.ellison@gmail.com)
> IBM Java technology centre, UK.
>


--
Diego

Mime
View raw message