harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexey Varlamov" <alexey.v.varla...@gmail.com>
Subject Re: [classlib][security] Changing system property java.home may cause incorrect initialization of java.security.Security class
Date Fri, 24 Nov 2006 10:31:53 GMT
+1

2006/11/24, Tim Ellison <t.p.ellison@gmail.com>:
> Alexey Varlamov wrote:
> > 2006/11/24, Tim Ellison <t.p.ellison@gmail.com>:
> >> So how about we implement Security#registerDRLProviders() (maybe with a
> >> method name change) to register:
> >>
> >> security.provider.1=org.apache.harmony.security.provider.cert.DRLCertFactory
> >>
> >> security.provider.2=org.apache.harmony.security.provider.crypto.CryptoProvider
> >>
> >> security.provider.3=org.apache.harmony.xnet.provider.jsse.JSSEProvider
> >> security.provider.4=org.bouncycastle.jce.provider.BouncyCastleProvider
> >>
> >> Thoughts?
> >> Tim
> >
> > Well, there is a number of other sensitive keys without hardcoded
> > defaults, e.g. package.access, probably bunch of ssl.* keys. Therefore
> > I presume it should be Security#defaultConfig() then.
>
> Sorry, I wasn't clear.  There is already a method called
> Security#registerDRLProviders() that does nothing.  I suggest that we
> implement it as I described above.
>
> There may well be other properties that need a default value, but they
> would be fixed elsewhere -- presumably where they are used, in case the
> file exists but does not define those properties any more.
>
> If you agree with the default providers I can make that change.
>
> Regards,
> Tim
>
> --
>
> Tim Ellison (t.p.ellison@gmail.com)
> IBM Java technology centre, UK.
>

Mime
View raw message