Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/java.base/share/conf/security/java.security
changeset 40565 3ac0ba151e70
parent 40558 ec1dec20d88f
child 41230 0a8c1ba2b6fb 
--- a/jdk/src/java.base/share/conf/security/java.security	Thu Aug 25 20:53:40 2016 +0300
+++ b/jdk/src/java.base/share/conf/security/java.security	Fri Aug 26 13:44:20 2016 -0700
@@ -804,6 +804,56 @@
 #       EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
 #       FFFFFFFF FFFFFFFF, 2}
 
+# Cryptographic Jurisdiction Policy defaults
+# 
+# Due to the import control restrictions of some countries, the default
+# JCE policy files allow for strong but "limited" cryptographic key
+# lengths to be used.  If your country's cryptographic regulations allow,
+# the "unlimited" strength policy files can be used instead, which contain
+# no restrictions on cryptographic strengths.
+# 
+# If your country has restrictions that don't fit either "limited" or
+# "unlimited", an appropriate set of policy files should be created and
+# configured before using this distribution.  The jurisdiction policy file
+# configuration must reflect the cryptographic restrictions appropriate
+# for your country.
+# 
+# YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
+# TO DETERMINE THE EXACT REQUIREMENTS.
+# 
+# The policy files are flat text files organized into subdirectories of
+# <java-home>/conf/security/policy.  Each directory contains a complete
+# set of policy files.
+#
+# The "crypto.policy" Security property controls the directory selection,
+# and thus the effective cryptographic policy.
+# 
+# The default set of directories is:  
+# 
+#     limited | unlimited 
+# 
+# however other directories can be created and configured.
+# 
+# Within a directory, the effective policy is the combined minimum
+# permissions of the grant statements in the file(s) with the filename
+# pattern "default_*.policy".  At least one grant is required.  For
+# example:
+#
+#     limited   =  Export (all) + Import (limited)  =  Limited
+#     unlimited =  Export (all) + Import (all)      =  Unlimited
+#
+# The effective exemption policy is the combined minimum permissions
+# of the grant statements in the file(s) with the filename pattern
+# "exempt_*.policy".  Exemption grants are optional.
+#
+#     limited   =  grants exemption permissions, by which the
+#                  effective policy can be circumvented. 
+#                  e.g.  KeyRecovery/Escrow/Weakening.
+# 
+# Please see the JCA documentation for additional information on these
+# files and formats.
+crypto.policy=crypto.policydir-tbd
+
 #
 # The policy for the XML Signature secure validation mode. The mode is
 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
jdk-sandbox