RE: RFR: 8237962: give better error output for invalid OCSP response intervals in CertPathValidator checks

Thanks, may I have a second review ? Best regards, Matthias > Looks good. > > Thanks, > Sean > > On 1/29/20 4:20 AM, Baesken, Matthias wrote: > > > > Hi Sean, new webrev : > > > > > > http://cr.openjdk.java.net/~mbaesken/webrevs/8237962.1/ > > > > > > Best Regards, Matthias > >

RE: 8238157: security/infra/java/security/cert/CertPathValidator/certification/AmazonCA.java tests failures because of revocation date

Hello Sean, it is intermittent (we see it ~ 1-2 times per week in our tests ). > Also do you see it with CRLs or OCSP? I think it is OCSP, at least the log says OCSP a lot of times 😊 ! > Perhaps the revocation date in > the CRL and OCSP response is off by one second Yeah, looks like this ! B

RE: RFR: 8237962: give better error output for invalid OCSP response intervals in CertPathValidator checks

Hi Matthias, I'm wondering whether we should add cpve as cause of the RuntimeException in test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithParams.java, line 177, instead of printing it out explicitly? Like: throw new RuntimeException(

Regarding OpenJDK bug#JDK-8211787

Hi, The bug JDK-8211787 has been resolved by changing the test case timeout from 5000 to 25000 ms. Could someone please explain what changed in jdk to increase the socket timeout of a test case which was working fine in 8 but with 12? Thanks, Bharath

RE: RFR: 8237962: give better error output for invalid OCSP response intervals in CertPathValidator checks

Hi Christoph, that sounds like a good idea . New webrev : http://cr.openjdk.java.net/~mbaesken/webrevs/8237962.3/ Thanks, Matthias > Hi Matthias, > > I'm wondering whether we should add cpve as cause of the > RuntimeException in > test/jdk/security/infra/java/security/cert/CertPathValidator

[15] RFR: 8191395: policy.allowSystemProperty and policy.expandProperties also apply to JAAS configurations

Please review this small change to the documentation of these two security properties. webrev: http://cr.openjdk.java.net/~mullan/webrevs/8191395/webrev.00/ bug: https://bugs.openjdk.java.net/browse/JDK-8191395 Thanks, Sean

RFR 8238264: Exception thrown when setting javax.net.ssl.keyStoreType = PKCS11

Hi, I'd like to have a review for 8238264 [1]. Webrev.00: * http://cr.openjdk.java.net/~mbalao/webrevs/8238264/8238264.webrev.00/ Thanks, Martin.- -- [1] - https://bugs.openjdk.java.net/browse/JDK-8238264

Re: [15] RFR: 8191395: policy.allowSystemProperty and policy.expandProperties also apply to JAAS configurations

Looks fine. Does this require a CSR? Thanks, Max > On Jan 31, 2020, at 3:18 AM, Sean Mullan wrote: > > Please review this small change to the documentation of these two security > properties. > > webrev: http://cr.openjdk.java.net/~mullan/webrevs/8191395/webrev.00/ > bug: https://bugs.openjdk