Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Sean Mullan
On 10/12/2016 04:06 PM, Anthony Scarpino wrote:
On 10/12/2016 12:15 PM, Sean Mullan wrote:
On 10/12/2016 01:47 PM, Anthony Scarpino wrote:
New webrev: http://cr.openjdk.java.net/~ascarpino/8165274/webrev.02/
* DisabledAlgorithmConstraints
700 "Algorithm constraints

Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Sean Mullan
* AlgorithmChecker
Not sure why these changes are necessary or why the check method has been made non-static. Isn't the previous code sufficient?
* OCSP
129 responderURI, new OCSPResponse.IssuerInfo(null, issuerCert), null,
Passing null to OCSPResponse.IssuerInfo will throw an

Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Anthony Scarpino
On 10/12/2016 12:15 PM, Sean Mullan wrote:
On 10/12/2016 01:47 PM, Anthony Scarpino wrote:
New webrev: http://cr.openjdk.java.net/~ascarpino/8165274/webrev.02/
* DisabledAlgorithmConstraints
700 "Algorithm constraints check failed on keysize limits."
701

Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Sean Mullan
On 10/12/2016 01:47 PM, Anthony Scarpino wrote:
New webrev: http://cr.openjdk.java.net/~ascarpino/8165274/webrev.02/
* DisabledAlgorithmConstraints
700 "Algorithm constraints check failed on keysize limits."
701 + algorithm + " " +

Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Anthony Scarpino
New webrev: http://cr.openjdk.java.net/~ascarpino/8165274/webrev.02/
On 10/12/2016 07:55 AM, Sean Mullan wrote:
* AlgorithmChecker
Not sure why these changes are necessary or why the check method has been made non-static. Isn't the previous code sufficient?
Yeah, that change doesn't appear

Re: RFR 8165274: SHA1 certpath constraint check fails with OCSP certificate

2016-10-12 Thread Anthony Scarpino
On 10/12/2016 01:41 PM, Sean Mullan wrote:
On 10/12/2016 04:06 PM, Anthony Scarpino wrote:
Later in the verify(), AlgorithmChecker needs a TrustAnchor object. In this case, because it's the old method that deploy is using, I have to manufacture a TrustAnchor until they can use the new method