On Thu, 26 Jan 2023 17:39:34 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update with Max's comment > > Yeah, this is a little tricky. My feeling is that if you disable an algorithm > like "RC2", it should cover all uses of it no matter what the keysize. If you > only want to disable certain keysizes, then you should add a `keySize` > constraint. We would need to make the parsing smarter so that "RC2 keySize <= > 40" covers RC2_40 but not RC2_128, etc. > > Hmac is another good corner case. It would be nice if we could have > exceptions, like "SHA512", "!HmacSHA512". But that's a little more involved, > and requires some more thought as to whether that is a good idea. @seanjmullan @wangweij Thanks for the review. ------------- PR: https://git.openjdk.org/jdk/pull/12056
