JDK-8308194 : Release Note: Update XML Security for Java to 3.0.2
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 21
  • Priority: P4
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2023-05-16
  • Updated: 2023-07-28
  • Resolved: 2023-06-07
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 21
21Resolved
Description
The XML Signature implementation has been updated to Santuario 3.0.2. The main, new feature is support for EdDSA. One difference is that the JDK still supports the [`here()` function](https://www.w3.org/TR/xmldsig-core1/#function-here) by default. However, we recommend avoiding the use of the `here()` function in new signatures and replacing existing signatures that use the `here()` function. Future versions of the JDK will likely disable, and eventually remove, support for this function, as it cannot be supported using the standard Java XPath API. Users can now disable the `here()` function by setting the security property `jdk.xml.dsig.hereFunctionSupported` to "false".