Re: RFR JDK-8029661: JDK-Support TLS v1.2 algorithm in SunPKCS11 provider

Hi Valerie, Webrev 05: * http://cr.openjdk.java.net/~mbalao/webrevs/8029661/8029661.webrev.05/ * http://cr.openjdk.java.net/~mbalao/webrevs/8029661/8029661.webrev.05.zip New in Webrev 05: * Explicitly casted prfHashMechanism to CK_MECHANISM_TYPE type to avoid building warning on some

Re: RFR[11] JDK-8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found

Hi John, Changes look fine. I just have one nit, perhaps add more information reporting when skipping tests, e.g. PKCS11Test: line 163, TestNssDbSqlite.java: line 68. Thanks, Valerie On 7/9/2018 12:38 AM, sha.ji...@oracle.com wrote: Hi Thomas, Thanks for your testing. I'm not sure that's

About Password security : new JEP needed ?

Dear security experts, I would like to hear you about a security flaw still present in Java, and whether it is worth to submit a new feature (JEP) or not. It is about how passwords are managed in the memory. Actually, Meltdown and Spectre show us recently how much it is important to limit

Re: RFR [11] 8207846: Generalize the jdk.net.includeInExceptions security property

Thanks for the review Sean, > On 23 Jul 2018, at 16:58, Sean Mullan wrote: > ... >> http://cr.openjdk.java.net/~chegar/8207846/webrev.00/ > > A few nits and wording suggestions in the java.security file: > > "By default, several exception messages do not include potentially sensitive >

Re: RFR [11] 8207846: Generalize the jdk.net.includeInExceptions security property

On 7/23/18 6:09 AM, Chris Hegarty wrote: After given this some more thought, I now think that I gave in to the comment to change whitespace handing too easy. While maybe not consistent, with the already inconsistent, whitespace handling in java.security, I think ( for this particular case ) the

Re: EC weirdness

On 7/19/2018 3:36 PM, Michael StJohns wrote: On 7/16/2018 4:42 PM, Adam Petcher wrote: Though it has the additional benefit... Actually... The implementation may also need... Nope... I think that you interpreted my statements a bit more specifically that I intended. I was speaking in

Re: Bug in HttpClient

The following issue has been filed in JIRA to track the problem with an HTTP/1.0 response without a Content-Length header: https://bugs.openjdk.java.net/browse/JDK-8207966 -Chris. > On 20 Jul 2018, at 08:38, Severin Gehwolf wrote: > > Adding net-dev > > On Fri, 2018-07-20 at 08:52

Re: RFR [11] 8207846: Generalize the jdk.net.includeInExceptions security property

Sean, > On 20 Jul 2018, at 18:07, Sean Mullan wrote: > > On 7/20/18 11:08 AM, Chris Hegarty wrote: >> This is ambiguous, and needs to be clarified. Surely, it is >> better to use the same wording as the serial filter: >> "Whitespace is significant and is considered part of the value." > >