Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA

On Wed, 2 Mar 2022 00:13:41 GMT, Valerie Peng wrote: > It's been several years since we increased the default key sizes. Before > shifting to PQC, NSA replaced its Suite B cryptography recommendations with > the Commercial National Security Algorithm Suite which suggests: > > - SHA-384 for

RFR: 8267319: Use larger default key sizes and algorithms based on CNSA

It's been several years since we increased the default key sizes. Before shifting to PQC, NSA replaced its Suite B cryptography recommendations with the Commercial National Security Algorithm Suite which suggests: - SHA-384 for secure hashing - AES-256 for symmetric encryption - RSA with 3072

Re: RFR: 8282511: Use fixed certificate validation date in SSLExampleCert template [v2]

> May I have this test update reviewed? > > The certificates used in SSL testing template SSLExampleCert could expired in > the future (for example > [JDK-8282398](https://bugs.openjdk.java.net/browse/JDK-8282398)). It is not > always easy to replace the certificates if the template has been

Re: RFR: 8282511: Use fixed certificate validation date in SSLExampleCert template [v2]

On Tue, 1 Mar 2022 23:23:53 GMT, Xue-Lei Andrew Fan wrote: >> May I have this test update reviewed? >> >> The certificates used in SSL testing template SSLExampleCert could expired >> in the future (for example >> [JDK-8282398](https://bugs.openjdk.java.net/browse/JDK-8282398)). It is not

Re: RFR: 8282511: Use fixed certificate validation date in SSLExampleCert template [v2]

On Tue, 1 Mar 2022 22:56:54 GMT, Rajan Halade wrote: >> Xue-Lei Andrew Fan has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Chaneg to use DateFormat > > test/jdk/javax/net/ssl/ServerName/EndingDotHostname.java line 26: > >> 24: /** >>

Re: RFR: 8282511: Use fixed certificate validation date in SSLExampleCert template

On Tue, 1 Mar 2022 22:38:30 GMT, Xue-Lei Andrew Fan wrote: > May I have this test update reviewed? > > The certificates used in SSL testing template SSLExampleCert could expired in > the future (for example > [JDK-8282398](https://bugs.openjdk.java.net/browse/JDK-8282398). It is not >

RFR: 8282511: Use fixed certificate validation date in SSLExampleCert template

May I have this test update reviewed? The certificates used in SSL testing template SSLExampleCert could expired in the future (for example [JDK-8282398](https://bugs.openjdk.java.net/browse/JDK-8282398). It is not always easy to replace the certificates if the template has been used a lot.

Integrated: 8282320: Remove case conversion for debugging log in SSLCipher

On Wed, 23 Feb 2022 22:08:03 GMT, Xue-Lei Andrew Fan wrote: > String.toUpperCase() is used in SSLCipher.java for debugging logging, which > is not necessary. See also comment in [this > PR](https://github.com/openjdk/jdk/pull/7583). This pull request has now been integrated. Changeset:

Re: RFR: 8282320: Remove case conversion for debugging log in SSLCipher

On Wed, 23 Feb 2022 22:08:03 GMT, Xue-Lei Andrew Fan wrote: > String.toUpperCase() is used in SSLCipher.java for debugging logging, which > is not necessary. See also comment in [this > PR](https://github.com/openjdk/jdk/pull/7583). Marked as reviewed by weijun (Reviewer). - PR:

Re: RFR: 8282320: Remove case conversion for debugging log in SSLCipher

On Wed, 23 Feb 2022 22:08:03 GMT, Xue-Lei Andrew Fan wrote: > String.toUpperCase() is used in SSLCipher.java for debugging logging, which > is not necessary. See also comment in [this > PR](https://github.com/openjdk/jdk/pull/7583). ping ... - PR: