Hi,
> Maybe its time to provide a PKCS11AttributeSpec of some sort for key
> creation and for looking things up? The current model is literally
> 12-15 years old AFAICT.
I just though I'd second this, albeit late. We're seing the current
PKCS#11 Provider model break down with some new HSMs ou
Hi,
It would be better that javax/net/ssl/TLSCommon/CipherSuite.java has an
attribute on key exchange algorithm.
This attribute could be used on selecting appropriate certificates by
some tests.
Issue: https://bugs.openjdk.java.net/browse/JDK-8210632
Webrev: http://cr.openjdk.java.net/~jjiang/
Please review the fix at
http://cr.openjdk.java.net/~weijun/8211969/webrev.00/
The wrong path was never noticed because we ignore missing files. Now that we
only look for the open one and it should always be there, we will not ignore
it. There won't be such an error again.
Thanks
Max
On Tue, Oct 09, 2018 at 04:31:07PM -0400, Sean Mullan wrote:
> On 10/9/18 4:04 PM, Nico Williams wrote:
> >>In order to file a bug or post a patch, you need to be an author
> >>first. Read here:http://openjdk.java.net/projects/#project-author.
> >So it seems I need to send email to the project lead
On 10/9/18 4:04 PM, Nico Williams wrote:
In order to file a bug or post a patch, you need to be an author
first. Read here:http://openjdk.java.net/projects/#project-author.
So it seems I need to send email to the project lead for... security?
And per-the census that would be Sean Mullan. No ema
On Mon, Oct 08, 2018 at 12:35:33PM +0800, Weijun Wang wrote:
> All patches are posted to http://cr.openjdk.java.net/~weijun/twosigma-gss/.
Thanks!
(The patches I sent to you before posting to the list had the wrong
email address for me. FYI.)
> In order to file a bug or post a patch, you need t
Seems alright to this non-crypto expert.
The key thing I would like to see working is:
If I create a keystore for cacerts and then use it via -with-cacerts-file
taking the defaults, this results in goodness (which presumably means not
getting JKS keystore)
Make sure keystore creators don't have
Hello, Alan commented on it :
* This proposal will require a security review as it leaks sensitive
information into exceptions.
So I forward it to security-dev as well.
If needed, we might use something similar to JDK-8207768 where a category
has been added for enhanced exception m
