Re: RFR - CSR: 8213082: (zipfs) Add support for POSIX file permissions (was: Re: RFR 8213031: (zipfs) Add support for POSIX file permissions)

2019-01-02 Thread Alan Bateman
On 21/12/2018 13:43, Langer, Christoph wrote: Hi Alan, Adding support for POSIX file permissions to the zip APIs is problematic as we've been discussing here. There are security concerns and also concerns that how it interacts with JAR files and signed JAR in particular. I don't disagree that w

Re: [12] RFR 8215694: keytool cannot generate RSASSA-PSS certificates

2019-01-02 Thread Xue-Lei Fan
sigAlg.equalsIgnoreCase("RSASSA-PSS"): Do you really want to ignore the case? I used to think that an algorithm name is case sensitive. Main.java:1445 minor, 4 more indent? AlgorithmId.java:1073-1091: I may prefer to use cached parameters (for both AlgorithmParameters and AlgorithmParameterS

Re: RFR 6722928: Support SSPI as a native GSS-API provider

2019-01-02 Thread Nico Williams
On Wed, Jan 02, 2019 at 10:59:26AM +0800, Weijun Wang wrote: > > On Dec 31, 2018, at 2:36 PM, Nico Williams > > wrote: > > On Fri, Dec 28, 2018 at 09:07:04PM +0800, Weijun Wang wrote: > >> If we are not going to use or implement new functions defined in RFC 5587, > >> I > >> doubt if this is use

RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions

2019-01-02 Thread Sean Mullan
Please review this change to the Java Security Standard Algorithm Names specification [1] to clarify that standard names that are defined in later versions of SE are also supported in prior versions, as long as the applicable Security APIs are also supported. Please see the CSR for the motivat

Re: RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions

2019-01-02 Thread Anthony Scarpino
Looks fine Tony On 1/2/19 12:42 PM, Sean Mullan wrote: Please review this change to the Java Security Standard Algorithm Names specification [1] to clarify that standard names that are defined in later versions of SE are also supported in prior versions, as long as the applicable Security API

RE: RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in later versions

2019-01-02 Thread Iris Clark
Hi, Sean. These changes look good. Thanks, iris -Original Message- From: Sean Mullan Sent: Wednesday, January 2, 2019 12:43 PM To: security Dev OpenJDK ; IRIS,CLARK Subject: RFR (12): 8215318: Amend the Standard Algorithm Names specification to clarify that names can be defined in la

Re: RFR 6722928: Support SSPI as a native GSS-API provider

2019-01-02 Thread Nico Williams
On Wed, Jan 02, 2019 at 04:21:52PM +, Nico Williams wrote: > On Wed, Jan 02, 2019 at 10:59:26AM +0800, Weijun Wang wrote: > > > On Dec 31, 2018, at 2:36 PM, Nico Williams > > > wrote: > > > On Fri, Dec 28, 2018 at 09:07:04PM +0800, Weijun Wang wrote: > > >> If we are not going to use or imple

Re: RFR 6722928: Support SSPI as a native GSS-API provider

2019-01-02 Thread Weijun Wang
> On Jan 3, 2019, at 6:23 AM, Nico Williams wrote: > > On Wed, Jan 02, 2019 at 04:21:52PM +, Nico Williams wrote: >> On Wed, Jan 02, 2019 at 10:59:26AM +0800, Weijun Wang wrote: On Dec 31, 2018, at 2:36 PM, Nico Williams wrote: On Fri, Dec 28, 2018 at 09:07:04PM +0800, Wei