--- a/jdk/src/java.base/share/conf/security/java.security Thu Aug 25 20:53:40 2016 +0300
+++ b/jdk/src/java.base/share/conf/security/java.security Fri Aug 26 13:44:20 2016 -0700
@@ -804,6 +804,56 @@
# EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
# FFFFFFFF FFFFFFFF, 2}
+# Cryptographic Jurisdiction Policy defaults
+#
+# Due to the import control restrictions of some countries, the default
+# JCE policy files allow for strong but "limited" cryptographic key
+# lengths to be used. If your country's cryptographic regulations allow,
+# the "unlimited" strength policy files can be used instead, which contain
+# no restrictions on cryptographic strengths.
+#
+# If your country has restrictions that don't fit either "limited" or
+# "unlimited", an appropriate set of policy files should be created and
+# configured before using this distribution. The jurisdiction policy file
+# configuration must reflect the cryptographic restrictions appropriate
+# for your country.
+#
+# YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
+# TO DETERMINE THE EXACT REQUIREMENTS.
+#
+# The policy files are flat text files organized into subdirectories of
+# <java-home>/conf/security/policy. Each directory contains a complete
+# set of policy files.
+#
+# The "crypto.policy" Security property controls the directory selection,
+# and thus the effective cryptographic policy.
+#
+# The default set of directories is:
+#
+# limited | unlimited
+#
+# however other directories can be created and configured.
+#
+# Within a directory, the effective policy is the combined minimum
+# permissions of the grant statements in the file(s) with the filename
+# pattern "default_*.policy". At least one grant is required. For
+# example:
+#
+# limited = Export (all) + Import (limited) = Limited
+# unlimited = Export (all) + Import (all) = Unlimited
+#
+# The effective exemption policy is the combined minimum permissions
+# of the grant statements in the file(s) with the filename pattern
+# "exempt_*.policy". Exemption grants are optional.
+#
+# limited = grants exemption permissions, by which the
+# effective policy can be circumvented.
+# e.g. KeyRecovery/Escrow/Weakening.
+#
+# Please see the JCA documentation for additional information on these
+# files and formats.
+crypto.policy=crypto.policydir-tbd
+
#
# The policy for the XML Signature secure validation mode. The mode is
# enabled by setting the property "org.jcp.xml.dsig.secureValidation" to