seanjmullan - Network

We're hiring! The Java Platform Group is responsible for developing the JDK. Most work is in open source (OpenJDK). This opening is for...

We're hiring! The Java Platform Group is responsible for developing the JDK. Most work is in open source (OpenJDK). This opening is for the Java Security Libraries team. It can be on-site or remote.

https://www.linkedin.com/jobs/view/4046796412/

#security #crypto #hiring #java #jdk

New Candidate JEPs for adding Quantum-Resistant Cryptographic Algorithms to the Java Platform:- ML-KEM: https://openjdk.org/jeps/496-...

New Candidate JEPs for adding Quantum-Resistant Cryptographic Algorithms to the Java Platform:

- ML-KEM: https://openjdk.org/jeps/496
- ML-DSA: https://openjdk.org/jeps/497

#java #jdk #openjdk #crypto #security #pqc

JEP 478 (Key Derivation Function API) has been targeted to JDK 24, the next release of the JDK. This is a new cryptographic API for deriving...

JEP 478 (Key Derivation Function API) has been targeted to JDK 24, the next release of the JDK. This is a new cryptographic API for deriving keys. The JEP also includes an implementation of HKDF (RFC 5869). This API will be important for future PQC work such as HPKE (RFC 9180) and stronger password hashing algorithms such as Argon2.

https://openjdk.org/jeps/478 #java #crypto #jdk24 #openjdk

OMG. The game. The season. #mets #lindor

OMG. The game. The season.
#mets #lindor

New candidate JEP: 486: Permanently Disable the Security Manager: openjdk.org/jeps/486#openjdk #jdk #java #security

New candidate JEP: 486: Permanently Disable the Security Manager: openjdk.org/jeps/486

#openjdk #jdk #java #security

JDK 23 Security Enhancements: https://seanjmullan.org/blog/2024/09/17/jdk23Highlights of this release include new “thread” and...

JDK 23 Security Enhancements: https://seanjmullan.org/blog/2024/09/17/jdk23

Highlights of this release include new “thread” and “timestamp” debugging options, crypto related performance improvements, and a new KeyStore for accessing root certificates in the MacOS KeyChain.

#jdk #java #security #crypto

The Java Platform is preparing for the Post Quantum Era. New draft JEPs for the quantum-resistant ML-KEM and ML-DSA algorithms have now been...

The Java Platform is preparing for the Post Quantum Era. New draft JEPs for the quantum-resistant ML-KEM and ML-DSA algorithms have now been published:

https://openjdk.org/jeps/8339009
https://openjdk.org/jeps/8339010

#java #security #crypto

DTLS version 1.0 has been disabled by default in Oracle's JDK 17.0.12 and 11.0.24 releases. This version of DTLS is not recommended and...

DTLS version 1.0 has been disabled by default in Oracle's JDK 17.0.12 and 11.0.24 releases. This version of DTLS is not recommended and was already disabled by default in JDK 20 and later releases. DTLS is not available in releases prior to JDK 9.

See the Released Changes of the Java Crypto Roadmap (https://www.java.com/en/jre-jdk-cryptoroadmap.html) for more details. #java #security #tls #dtls

JEP 478: Key Derivation API (Preview), now a Candidate. “Introduce an API for Key Derivation Functions (KDFs), which are cryptographic...

JEP 478: Key Derivation API (Preview), now a Candidate.

“Introduce an API for Key Derivation Functions (KDFs), which are cryptographic algorithms for deriving additional keys from a secret key and other data. This is a preview API.”

https://openjdk.org/jeps/478

#openjdk #java #security #crypto

Java Crypto Roadmap update: the TLS_ECDH cipher suites will be disabled in the October 2024 release for Oracle JDK 17, 11, and 8 update...

Java Crypto Roadmap update: the TLS_ECDH cipher suites will be disabled in the October 2024 release for Oracle JDK 17, 11, and 8 update releases. These suites are rarely used and do not preserve forward secrecy. This change has already been made in JDK 20 and later.

See https://java.com/cryptoroadmap for details and testing instructions.

#java #security #jdk #crypto #tls

The XML Signature secure validation mode has been enabled by default in Oracle's JDK 11.0.23 and 8u411 releases. The mode was already...

The XML Signature secure validation mode has been enabled by default in Oracle's JDK 11.0.23 and 8u411 releases. The mode was already enabled by default in JDK 17 and later. This mode provides additional protection by disabling weak algorithms and other potentially unsafe constructs in XML Signatures.

See the Released Changes of the Java Crypto Roadmap (https://www.java.com/en/jre-jdk-cryptoroadmap.html) for more details.

#JDK #security #java

We are looking to hire a developer experienced in crypto and security to work on Java Security! We have an opening in USA or Dublin,...

We are looking to hire a developer experienced in crypto and security to work on Java Security! We have an opening in USA or Dublin, Ireland. We have a lot of exciting work so please check it out and let your friends and colleagues know.

https://eeho.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/jobsearch/job/228172?utm_medium=jobshare

https://www.infoworld.com/article/3714769/java-22-brings-security-enhancements.html #java #security #jdk22

https://www.infoworld.com/article/3714769/java-22-brings-security-enhancements.html #java #security #jdk22

JDK 22 Security Enhancements: https://seanjmullan.org/blog/2024/03/20/jdk22 #jdk22 #openjdk #security

JDK 22 Security Enhancements: https://seanjmullan.org/blog/2024/03/20/jdk22 #jdk22 #openjdk #security

New Draft JEP for a PEM API: "Introduce an API for encoding and decoding the Privacy-Enhanced Mail (PEM) format. The PEM format is used...

New Draft JEP for a PEM API: "Introduce an API for encoding and decoding the Privacy-Enhanced Mail (PEM) format. The PEM format is used for storing and sending cryptographic keys and certificates."

https://openjdk.org/jeps/8300911

#openjdk #security

JDK 21 Security Enhancements: https://seanjmullan.org/blog/2023/09/22/jdk21#java #jdk21 #openjdk #security #crypto

JDK 21 Security Enhancements: https://seanjmullan.org/blog/2023/09/22/jdk21

#java #jdk21 #openjdk #security #crypto

JDK 21 is out today and contains many new security enhancements! Notably, it includes a new API for KEM (Key Encapsulation Mechanism) and an...

JDK 21 is out today and contains many new security enhancements! Notably, it includes a new API for KEM (Key Encapsulation Mechanism) and an implementation of HSS/LMS for signature verification. Both of these are important pieces for providing Java applications with the tools they will need to withstand quantum attacks.

Stay tuned for my blog on these and other JDK 21 security features!

https://jdk.java.net/21

#jdk21 #security #crypto

Check out this informative and fun video on the new KEM API from Ana-Maria Mihalceanu! https://www.youtube.com/watch?v=zNnS-WdHN1E#java...

Check out this informative and fun video on the new KEM API from Ana-Maria Mihalceanu!

https://www.youtube.com/watch?v=zNnS-WdHN1E

#java #security #jdk21

We have restarted an effort to define a KDF (Key Derivation Function) API for Java. Let us know what you...

We have restarted an effort to define a KDF (Key Derivation Function) API for Java. Let us know what you think!

https://mail.openjdk.org/pipermail/security-dev/2023-July/036642.html

#openjdk #java #security

New Key Encapsulation Mechanism API and DHKEM implementation will be in the next release (21) of...

New Key Encapsulation Mechanism API and DHKEM implementation will be in the next release (21) of Java!
https://mail.openjdk.org/pipermail/jdk-dev/2023-May/007886.html

#java #openjdk #security #jdk21