linfo2172-databases/P1/Rel/jre/conf/security/policy
Brieuc Dubois 57bfda3e26 Initial commit - P1 2024-04-24 10:41:39 +02:00
..
limited Initial commit - P1 2024-04-24 10:41:39 +02:00
unlimited Initial commit - P1 2024-04-24 10:41:39 +02:00
README.txt Initial commit - P1 2024-04-24 10:41:39 +02:00

README.txt

            Java(TM) Cryptography Extension Policy Files
    for the Java(TM) Platform, Standard Edition Runtime Environment

                               README
------------------------------------------------------------------------

Import and export control rules on cryptographic software vary from
country to country.  The Java Cryptography Extension (JCE) architecture
allows flexible cryptographic key strength to be configured via the
jurisdiction policy files which are referenced by the "crypto.policy"
security property in the <java-home>/conf/security/java.security file.

By default, Java provides two different sets of cryptographic policy
files:

    unlimited:  These policy files contain no restrictions on cryptographic
                strengths or algorithms

    limited:    These policy files contain more restricted cryptographic
                strengths

These files reside in <java-home>/conf/security/policy in the "unlimited"
or "limited" subdirectories respectively.

Each subdirectory contains a complete policy configuration,
and subdirectories can be added/edited/removed to reflect your
import or export control product requirements.

Within a subdirectory, the effective policy is the combined minimum
permissions of the grant statements in the file(s) matching the filename
pattern "default_*.policy".  At least one grant is required.  For example:

    limited   =  Export (all) + Import (limited)  =  Limited
    unlimited =  Export (all) + Import (all)      =  Unlimited

The effective exemption policy is the combined minimum permissions
of the grant statements in the file(s) matching the filename pattern
"exempt_*.policy".  Exemption grants are optional.  For example:

    limited   =  grants exemption permissions, by which the
                 effective policy can be circumvented.
                 e.g.  KeyRecovery/KeyEscrow/KeyWeakening.

Please see the Java Cryptography Architecture (JCA) documentation for
additional information on these files and formats.

YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
TO DETERMINE THE EXACT REQUIREMENTS.

Please note that the JCE for Java SE, including the JCE framework,
cryptographic policy files, and standard JCE providers provided with
the Java SE, have been reviewed and approved for export as mass market
encryption item by the US Bureau of Industry and Security.