[7u40] Request for Phase 2 approval for 7165807: Non optimized initialization of NSS crypto library leads to scalability issue (original) (raw)

Seán Coffey sean.coffey at oracle.com
Mon Jun 24 13:49:40 PDT 2013


Vinnie,

as per phase 2 process [1] - what tests have been run to verify this fix ?

Regards, Sean.

[1] http://openjdk.java.net/projects/jdk7u/phase2/phase2-process.html

On 24/06/13 12:40, Vincent Ryan wrote:

Hello all,

Please approve the following fix for 7u40: Bug: http://bugs.sun.com/viewbug.do?bugid=7165807 Webrev: http://cr.openjdk.java.net/~vinnie/7165807/webrev.01/ Code review: http://mail.openjdk.java.net/pipermail/security-dev/2013-June/007786.html JDK 8 changeset: [under construction] This fix modifies the SunPKCS11 JCE provider to initialize the Mozilla Network Security Services (NSS) crypto library to favour performance over memory footprint, by default. A new SunPKCS11 configuration flag 'nssOptimizeSpace' has been introduced to enable Java applications to revert to the old behaviour. Note that this change affects only the NSS-specific mode of the SunPKCS11 provider. It makes it consistent with the provider's regular behaviour which already initializes NSS to favour performance over memory footprint. Thanks.



More information about the jdk7u-dev mailing list