Code review request: 7197652: Impossible to run any signed JNLP applications or applets, OCSP off by default

2012-10-01 Thread Vincent Ryan
Please review these changes for JDK 7 to correct the trust decision when examining the signer certificate of an OCSP response. When matching two certificates the key identifiers should only be checked if present in both. http://cr.openjdk.java.net/~vinnie/7197652/webrev.00/ Thanks.

hg: jdk8/tl/jdk: 8000269: Cleanup javadoc warnings

2012-10-01 Thread alan . bateman
Changeset: 39cbe256c3d1 Author:alanb Date: 2012-10-01 15:36 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/39cbe256c3d1 8000269: Cleanup javadoc warnings Reviewed-by: lancea, darcy, ulfzibis, iris, naoto, dholmes ! src/share/classes/java/io/FilePermission.java ! src/share/cl

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Michael StJohns
At 08:27 PM 9/28/2012, mark.reinh...@oracle.com wrote: >Posted: http://openjdk.java.net/jeps/166 > >- Mark This seems at least partially related to JEP 121 and maybe even dependent on it. Might be useful to have a cross reference. Also, probably useful to decide/state a new default PKCS12 algo

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Vincent Ryan
Hello Mike, The new PBE algorithms in JEP-121, such as PBEWithHmacSHA256AndAES_128, could certainly be used for PKCS12 keystores within Java environments - the problem is maintaining interoperability with existing crypto toolkits and web browsers. Is there any interest among those on this list

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Michael StJohns
My main reason for suggesting this is that all but one of the algorithm suites defined in PKCS12 are either deprecated or prohibited by NIST guidance. The undeprecated suite appears to be the default one used by the java implementation. It would be nice to have a choice. See below. At 12

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Vincent Ryan
We could examine a mechanism for keystore applications to override the default PBE algorithm for protecting keys and certs. Maybe extend KeyStore.LoadStoreParameter? On 1 Oct 2012, at 18:50, Michael StJohns wrote: > My main reason for suggesting this is that all but one of the algorithm >

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Michael StJohns
At 02:17 PM 10/1/2012, Vincent Ryan wrote: >We could examine a mechanism for keystore applications to override the default >PBE algorithm for protecting keys and certs. >Maybe extend KeyStore.LoadStoreParameter? So don't change the PKCS12 instance type, instead deal with this on an entry by ent

Re: JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores

2012-10-01 Thread Vincent Ryan
Extending KeyStore.PasswordProtection works well for keys and for certs. To retain its immutability, a new constructor that takes the PBE algorithm name and a new getter could be added. Thanks. On 01/10/2012 20:03, Michael StJohns wrote: At 02:17 PM 10/1/2012, Vincent Ryan wrote: We could ex

Re: 7194449: String resources for Key Tool and Policy Tool should be in their respective packages

2012-10-01 Thread Stephen Flores
Max, Yes, I ran the tools and the unit tests which did find missing resources that I duplicated. This is not a type of new split, at one time all 3 tools had their resources in the sun...util.Resources class and the JarSigner was split out to not be in the rt.jar, but in tools.jar, so this lo

Re: 7194449: String resources for Key Tool and Policy Tool should be in their respective packages

2012-10-01 Thread Stephen Flores
Max, I got the impression from Alan that we will only do that when asked. Steve. On 09/21/2012 03:48 AM, Weijun Wang wrote: Also, I remember we agreed on leaving a s.s.t.KeyTool class whose main() simply calls s.s.t.k.Main.main(). Are we still going to do that? Thanks Max On 09/21/2012 03:45

Re: 7194449: String resources for Key Tool and Policy Tool should be in their respective packages

2012-10-01 Thread Stephen Flores
On 09/21/2012 06:29 AM, Alan Bateman wrote: On 21/09/2012 02:49, Stephen Flores wrote: Max, Sean, Alan, Please review this webrev: http://cr.openjdk.java.net/~sflores/7194449/webrev-0/ Note: I will respond to any comments when I get back from vacation on Monday Oct. 1. Changes: Moved jars