On 6/18/2018 12:28 PM, Valerie Peng wrote:
Hi Xuelei,
Looks fine.
-line 39, I didn't find info on extended master secret extension in RFC
5746? It looks like the original comment which refers to RFC7627
"Transport Layer Security (TLS) Session Hash anf Extended Master Secret
Extension" ma
Looks fine to me.
Xuelei
> On Jun 18, 2018, at 1:24 PM, Valerie Peng wrote:
>
> Hi
>
> Can someone please help review this fix for addressing JCK test failure?
> Changes are very trivial, just check for null and thrown InvalidKeyException
> instead of letting NPE be thrown later.
>
> Bug: ht
Hello,
not a Reviewer, but some Questions on the CSR:
- Are there other CSRs for including in TLS?
- I also wonder if PKI (CA Signatures) will work out of the box then (OID
aliases?)
- Does PKCS11 require additional changes? (especially for the Government use
mentioned in the justification HSMs
Hi
Can someone please help review this fix for addressing JCK test failure?
Changes are very trivial, just check for null and thrown
InvalidKeyException instead of letting NPE be thrown later.
Bug: https://bugs.openjdk.java.net/browse/JDK-8204152
Webrev: http://cr.openjdk.java.net/~valeriep/82
Hello,
according to Snyk’s Zip Slip vulnerability report (the issue with file Name
traversal by extracted Archives) was also sent to Oracle and since
Java.util.zip.ZipEntry is a low-Level api the proper Action is changes to the
documentation.
https://github.com/snyk/zip-slip-vulnerability
I w
Hi Xuelei,
Looks fine.
-line 39, I didn't find info on extended master secret extension in RFC
5746? It looks like the original comment which refers to RFC7627
"Transport Layer Security (TLS) Session Hash anf Extended Master Secret
Extension" matches better.
Looks fine.
Valerie
**
On 5/
CertificateMessage.java
X509TrustManagerImpl.java
X509KeyManagerImpl.java
-
These implementation has not consider the impact of RSASSA-PSS key type.
Xuelei
On 6/8/2018 10:21 AM, Xuelei Fan wrote:
Here is the 3rd full webrev:
http://cr.openjdk.java.net/~xuelei/819658
