Re: [15] RFR JDK-8242151 Improve OID mapping and reuse among JDK security providers for aliases registration

> On Apr 30, 2020, at 9:55 PM, Weijun Wang wrote: > > Sorry, it's been a busy day on something else and I haven't looked at your > webrev.01 yet. Will look at it tomorrow. > >> On Apr 30, 2020, at 8:15 AM, Valerie Peng wrote: >> >> >> If you look at the original SunJCE impl, it also did

RFR[15] 8242060: Add revocation checking to jarsigner

Hi, I’d like to request a review for: JBS: https://bugs.openjdk.java.net/browse/JDK-8242060 CSR: https://bugs.openjdk.java.net/browse/JDK-8244046 Webrev: https://cr.openjdk.java.net/~hchao/8242060/webrev.00/ The jarsigner command currently does certificate chain validation, but does not check

Re: [15] RFR: 8242335: Additional Tests for RSASSA-PSS

Hi, Siba, Here are my comments: - Typos: Initialisation -> Initialization. - the 2nd algorithm specific initialization using reflection doesn't seem too useful. The code path should be exactly the same as the non-reflection one. Maybe just remove it. Rest looks fine. Thanks, Valerie On

Re: RFR 8244087: 2020-04-24 public suffix list update

Looks good to me. --Sean On 4/29/20 4:08 AM, Weijun Wang wrote: Please take a review at https://cr.openjdk.java.net/~weijun/8244087/webrev.00 I modified the test a little and thus updated the test program with a new copyright year and a @bug. This makes sure the automatic (?) verifier

Re: RFR: 8225068: Remove DocuSign root certificate that is expiring in May 2020

On 4/30/20 2:53 PM, Michael StJohns wrote: On 4/30/2020 2:11 PM, Rajan Halade wrote: Please review this patch to remove Keynectis CA certificate from cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8225068/webrev.00/ Thanks, Rajan Hi - There are three other certificates

Re: RFR: 8225068: Remove DocuSign root certificate that is expiring in May 2020

Looks fine to me. --Sean On 4/30/20 2:11 PM, Rajan Halade wrote: Please review this patch to remove Keynectis CA certificate from cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8225068/webrev.00/ Thanks, Rajan

Re: RFR: 8225068: Remove DocuSign root certificate that is expiring in May 2020

On 4/30/2020 2:11 PM, Rajan Halade wrote: Please review this patch to remove Keynectis CA certificate from cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8225068/webrev.00/ Thanks, Rajan Hi - There are three other certificates expiring a week after the one you're removing -

RFR: 8225068: Remove DocuSign root certificate that is expiring in May 2020

Please review this patch to remove Keynectis CA certificate from cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8225068/webrev.00/ Thanks, Rajan

RFR JDK-8240871: SSLEngine handshake status immediately after the handshake can be NOT_HANDSHAKING rather than FINISHED with TLSv1.3

Hi, Could I get the following update reviewed: http://cr.openjdk.java.net/~xuelei/8240871/webrev.00/ For TLS 1.3 full handshake, if the last handshake flight wraps the Finished together with other handshake message, for example client certificate, the flight could be wrapped and encrypted

Re: [15] RFR JDK-8242151 Improve OID mapping and reuse among JDK security providers for aliases registration

Sorry, it's been a busy day on something else and I haven't looked at your webrev.01 yet. Will look at it tomorrow. > On Apr 30, 2020, at 8:15 AM, Valerie Peng wrote: > > > If you look at the original SunJCE impl, it also did not register oid for RC4 > cipher. So, that's why I didn't include

Re: RFR 8243592: Subject$SecureSet::contains(null) is suboptimal

Webrev updated at http://cr.openjdk.java.net/~weijun/8243592/webrev.02/ I removed my old test and rewrite the existing SubjectNullTests.java test in TestNG with quite some new test cases. There are so many behavior changes (although we might say good programs are not affected) that I