Re: JEP 411, removal of finalizers, a path forward.

2021/8/3 9:40:58 -0700, sean.mul...@oracle.com: > On 8/2/21 8:28 PM, Peter Firmstone wrote: >> ... >> >> Having established that OpenJDK is not yet willing to compromise, I have >> been attempting to create an authorization layer using Agents, so that I >> can restore perimeter security following

Re: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup

2021/6/29 5:17:39 -0700, anika.westb...@raytion.com: > Dear Developers, > > we have the problem with Kerberos and AdoptOpenJDK in a cross-realm > setup that the first request succeeds, but subsequent requests > fail. The reason is that the ticket from the referrals cache does not > work for proxy

New candidate JEP: 411: Deprecate the Security Manager for Removal

https://openjdk.java.net/jeps/411 Summary: Deprecate the Security Manager for removal in a future release. The Security Manager dates from Java 1.0. It has not been the primary means of securing client-side Java code for many years, and it has rarely been used to secure server-side code. T

Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v14]

On Mon, 18 Jan 2021 16:45:00 GMT, Jim Laskey wrote: >> This PR is to introduce a new random number API for the JDK. The primary API >> is found in RandomGenerator and RandomGeneratorFactory. Further description >> can be found in the JEP https://openjdk.java.net/jeps/356 . >> >> javadoc can be

Re: RFR: 8257733: Move module-specific data from make to respective module

2020/12/4 6:08:13 -0800, er...@openjdk.java.net: > On Fri, 4 Dec 2020 12:30:02 GMT, Alan Bateman wrote: >>> And I can certainly move jdwp.spec to java.base instead. That's the >>> reason I need input on this: All I know is that is definitely not >>> the responsibility of the Build Group to maintai

Re: RFR: JDK-8255262: Remove use of legacy custom @spec tag

On Thu, 22 Oct 2020 17:16:23 GMT, Jonathan Gibbons wrote: > The change is (just) to remove legacy usages of a JDK-private custom tag. As the creator of these tags many moons ago, I approve this change. - Marked as reviewed by mr (Lead). PR: https://git.openjdk.java.net/jdk/pull/81

New candidate JEP: 339: Edwards-Curve Digital Signature Algorithm (EdDSA)

http://openjdk.java.net/jeps/339 - Mark

JEP 332: Transport Layer Security (TLS) 1.3

New JEP Candidate: http://openjdk.java.net/jeps/332 - Mark

JEP 329: ChaCha20 and Poly1305 Cryptographic Algorithms

New JEP Candidate: http://openjdk.java.net/jeps/329 - Mark

JEP 324: Key Agreement with Curve25519 and Curve448

New JEP Candidate: http://openjdk.java.net/jeps/324 - Mark

JEP 319: Root Certificates

New JEP Candidate: http://openjdk.java.net/jeps/319 - Mark

JEP 288: Disable SHA-1 Certificates

New JEP Candidate: http://openjdk.java.net/jeps/288 - Mark

JEP 287: SHA-3 Hash Algorithms

New JEP Candidate: http://openjdk.java.net/jeps/287 - Mark

JEP 273: DRBG-Based SecureRandom Implementations

New JEP Candidate: http://openjdk.java.net/jeps/273 - Mark

JEP 249: OCSP Stapling for TLS

New JEP Candidate: http://openjdk.java.net/jeps/249 - Mark

JEP 246: Leverage CPU Instructions for GHASH and RSA

New JEP Candidate: http://openjdk.java.net/jeps/246 - Mark

JEP 232: Improve Secure Application Performance

New JEP Candidate: http://openjdk.java.net/jeps/232 - Mark

JEP 229: Create PKCS12 Keystores by Default

New JEP Candidate: http://openjdk.java.net/jeps/229 - Mark

JEP 219: Datagram Transport Layer Security (DTLS)

New JEP Candidate: http://openjdk.java.net/jeps/219 - Mark

Re: Trusted service?

2014/8/13 7:20 -0700, alan.bate...@oracle.com: > The usual thing is to just have a default implementation that is used > when ServiceLoader doesn't locate a useful provider. You'll find many > examples of this in the JDK. In those cases then the default is not > listed in a services configuratio

Changeset rolled back: jdk8/tl/jdk: 7152892: some jtreg tests fail with permission denied

This changeset was erroneously pushed to jdk8/tl/jdk: Changeset: da4b0962ad11 Author:robm Date: 2014-02-10 14:35 + URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/da4b0962ad11 7152892: some jtreg tests fail with permission denied Reviewed-by: coffeys ! test/java/

Re: hg: jdk8/tl/jdk: 8027687: The constructors of URLPermission class do not behave as described in javad

2013/11/4 1:49 -0800, michael.x.mcma...@oracle.com: > Changeset: 48449b5390fa > Author:michaelm > Date: 2013-11-04 17:47 + > URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/48449b5390fa > > 8027687: The constructors of URLPermission class do not behave as described > in javad >

JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

Posted: http://openjdk.java.net/jeps/166 - Mark

Re: Time format in jar and jarsigner output (was Re: Code review request: 7163483 JarSigner -verify -verbose does not format date string according to locale)

2012/7/6 3:27 -0700, weijun.w...@oracle.com: > I have these questions: > > ... > > Well, if you really think the current "Fri Jul" output is too English, instead > of localizing the string, how about we de-localize it totally and choose a > neutral format? Excellent idea! > There are several fl

JEP 152: Crypto Operations with Network HSMs

Posted: http://openjdk.java.net/jeps/152 - Mark

JEP 140: Limited doPrivileged

Posted: http://openjdk.java.net/jeps/140 - Mark

JEP 131: PKCS#11 Crypto Provider for 64-bit Windows

Posted: http://openjdk.java.net/jeps/131 - Mark

JEP 130: SHA-224 Message Digests

Posted: http://openjdk.java.net/jeps/130 - Mark

JEP 129: NSA Suite B Cryptographic Algorithms

Posted: http://openjdk.java.net/jeps/129 - Mark

JEP 124: Enhance the Certificate Revocation-Checking API

Posted: http://openjdk.java.net/jeps/124 - Mark

JEP 123: Configurable Secure Random-Number Generation

Posted: http://openjdk.java.net/jeps/123 - Mark

JEP 121: Stronger Algorithms for Password-Based Encryption

Posted: http://openjdk.java.net/jeps/121 - Mark

JEP 116: Extended Validation Certificates

Posted: http://openjdk.java.net/jeps/116 - Mark

JEP 115: AEAD CipherSuites

Posted: http://openjdk.java.net/jeps/115 - Mark

JEP 114: TLS Server Name Indication (SNI) Extension

Posted: http://openjdk.java.net/jeps/114 - Mark

JEP 113: MS-SFU Kerberos 5 Extensions

Posted: http://openjdk.java.net/jeps/113 - Mark

Re: hg: jdk7/tl/corba: 8 new changesets

FYI I've rolled back these changesets, together with the merge changesets that followed them, and I've added the first changeset in the sequence (2ded3bb14529) to the jcheck blacklist. The tip revision in jdk7/tl/corba is now: changeset: 207:8260ec509a10 parent: 203:76aeef3afc04 pare

[security-dev 01103]: Re: hg: jdk7/tl/jdk: 6843995: Added RowsetFactory and Deprecate COMMIT_ON_ACCEPT_CHANGES, make constants final that needed to be.

This change was integrated prematurely. I've rolled it back in the jdk7/tl/jdk repository. If you've already pulled it into a local repository then you can remove it using the hg strip command, which is part of the mq extension. Your tip changeset should be: changeset: 1563:5cd12b68d09b u

[security-dev 00290]: Re: Heads up: Bad changeset rollback

> Date: Wed, 03 Sep 2008 13:08:38 -0700 > From: [EMAIL PROTECTED] > Last night there was a changeset introduced to the JSN gate that > contained an incorrect changeset comment. Rather than pollute the > changeset history for everyone, we're going to rollback this changeset, > and have the author