[PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy (original) (raw)
Mark Wielaard mjw at redhat.com
Tue Sep 25 12:31:51 UTC 2012
- Previous message (by thread): [PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy
- Next message (by thread): [PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 2012-09-18 at 10:39 -0400, Andrew Hughes wrote:
This is an issue that has been with us for a while. See:
https://bugs.openjdk.java.net/showbug.cgi?id=100062 http://bugs.sun.com/bugdatabase/viewbug.do?bugid=7188845 for some background. [...] It's not clear to me why this approach wasn't taken before, so I hope I haven't missed something.
The original reason is described in those two references you found and explained a bit more in: http://mail.openjdk.java.net/pipermail/security-dev/2009-June/000916.html The summary is that it was just easier to remove unused classes that made the code tricky to understand for no good reason except for some secret proprietary code. Of course that is an explanation from 3 years ago, and the original patch was made 4 years ago... Maybe the code base has been simplified since. In general it has just been impossible to get anybody to make time to review it :{
Cheers,
Mark
- Previous message (by thread): [PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy
- Next message (by thread): [PATCH FOR REVIEW] Allow OpenJDK to be built with the unlimited crypto policy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]