Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8182484

Remove 1024-bit default requirement from javadoc of java.security.interfaces.DSAKeyPairGenerator

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Fixed
    • Icon: P3 P3
    • 10
    • None
    • security-libs

      The DSAKeyPairGenerator class description currently says the following:

      "If no initialize method is called on a DSAKeyPairGenerator, the default is to generate 1024-bit keys, using precomputed p, q and g parameters and an instance of SecureRandom as the random bit source."

      1024-bit keys are no longer recommended. Ideally, this default requirement should be removed and it should be implementation-specific as to what size keys are generated. Suggest changing this to:

      "If no initialize method is called on a DSAKeyPairGenerator, the default is to generate keys of an implementation-specific size, using precomputed p, q and g parameters and an instance of SecureRandom as the random bit source. However, note that the default keysize may vary across different implementations and may change in a future version. Therefore, it is recommended to explicitly initialize the DSAKeyPairGenerator instead of relying on defaults."

            valeriep Valerie Peng
            mullan Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: