The API specifications for java.security, java.security.cert, and javax.crypto packages do not specify requirements for security algorithms and algorithm-specific requirements (e.g. encryption strength).
 
This issue makes it difficult to develop conformance tests. In an extreme case, an implementation can use very weak algorithms and still be considered a valid implementation according to the current javadoc API specification.
 
Furthermore, there is currently no guarantee that applications can interoperate. We need to specify a minimum level of required algorithms and parameters that all JRE implementations must support. This will improve interoperability and guarantee a minimum set of algorithms that all Java applications can depend on.