On Fri, 14 Apr 2023 15:42:55 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> I see. So the security providers are told: >> 1. Don't implement `provider()` (If you do, we won't look at it) >> 2. Do validate parameters on your own (because no one else does) >> >> Let me think about it. I can even ask a security provider what their opinion >> is. > >> 2. Do validate parameters on your own (because no one else does) >> > I would say: validate the parameters on your own, because not everyone else > does. I added another proposal in you PR at https://github.com/openjdk/jdk/pull/13470#issuecomment-1508915798. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1167045135
