Re: [JDK-8146293] - Proposal to fix RSASSA-PSS AlgorithmChecker constraints for TLS 1.2

Hi Chris, Comments inline ... On 2/10/17 4:41 PM, Christopher Fox wrote: We have been looking into supporting RSASSA-PSS signature algorithms within the chain of an end-entity certificate used for TLS 1.2. The EE certificate itself is not signed with RSASSA-PSS. As mentioned in JDK-8146293

Re: RFR 8006259: Test example vectors from NIST SP 800-38A

Fixed. Here is the new webrev: http://cr.openjdk.java.net/~apetcher/8006259/webrev.01/ On 2/16/2017 8:26 PM, Valerie Peng wrote: Changes look fine. Just a nit on code conventions, we normally use the style below: try { ... } catch (..) { ... } Can you update the test source to follow the same

Re: [JDK-8146293] - Proposal to fix RSASSA-PSS AlgorithmChecker constraints for TLS 1.2

Hello Sean, That's great news that the change is in JDK9. Will the change be back-ported to a JDK8 update as well? Our product is currently on JDK8. Thanks, Chris Fox From: Sean Mullan Sent: Friday, February 17, 2017 10:57:33 AM To: Christopher Fox; securi

Re: [JDK-8146293] - Proposal to fix RSASSA-PSS AlgorithmChecker constraints for TLS 1.2

On 2/17/17 11:21 AM, Christopher Fox wrote: Hello Sean, That's great news that the change is in JDK9. Will the change be back-ported to a JDK8 update as well? Yes, but exactly which update is still TBD. --Sean Our product is currently on JDK8. Thanks, Chris Fox --

Re: RFR 8006259: Test example vectors from NIST SP 800-38A

Update looks good. Thanks, Valerie On 2/17/2017 8:18 AM, Adam Petcher wrote: Fixed. Here is the new webrev: http://cr.openjdk.java.net/~apetcher/8006259/webrev.01/ On 2/16/2017 8:26 PM, Valerie Peng wrote: Changes look fine. Just a nit on code conventions, we normally use the style below: t