FYI, I uploaded the slides [2] for the original Security API JSR
proposal that I presented to several internal groups at Oracle last
Summer. This presentation ultimately lead to approval for Oracle to
pursue this JSR. Also, section 2.1 of the JSR proposal [1] was a
derivative of this presentation.
Of course, the Expert Group ultimate determines the contents of the JSR,
so these slides should just be treated as a point of reference.