Re: RFR: 8257733: Move module-specific data from make to respective module [v6]

> A lot (but not all) of the data in make/data is tied to a specific module. > For instance, the publicsuffixlist is used by java.base, and fontconfig by > java.desktop. (A few directories, like mainmanifest, is *actually* used by > make for the whole build.) > > These data files should move

Re: RFR: 8257733: Move module-specific data from make to respective module [v5]

On Mon, 18 Jan 2021 13:47:20 GMT, Magnus Ihse Bursie wrote: >> A lot (but not all) of the data in make/data is tied to a specific module. >> For instance, the publicsuffixlist is used by java.base, and fontconfig by >> java.desktop. (A few directories, like mainmanifest, is *actually* used by

Re: RFR: 8257733: Move module-specific data from make to respective module [v6]

On Tue, 15 Mar 2022 23:50:20 GMT, Magnus Ihse Bursie wrote: >> A lot (but not all) of the data in make/data is tied to a specific module. >> For instance, the publicsuffixlist is used by java.base, and fontconfig by >> java.desktop. (A few directories, like mainmanifest, is *actually* used by

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled [v2]

On Tue, 15 Mar 2022 15:37:25 GMT, Hai-May Chao wrote: >> When a named curve is disabled in `jdk.disabled.namedCurves` property which >> is included in `jdk.jar.disabledAlgorithms` and >> `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled >> named curve as a result of

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

On Mon, 14 Mar 2022 17:41:28 GMT, Hai-May Chao wrote: > When a named curve is disabled in `jdk.disabled.namedCurves` property which > is included in `jdk.jar.disabledAlgorithms` and > `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled > named curve as a result of its

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled [v2]

> When a named curve is disabled in `jdk.disabled.namedCurves` property which > is included in `jdk.jar.disabledAlgorithms` and > `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled > named curve as a result of its disabled algorithm constraint checking. This > clarifies

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

On Tue, 15 Mar 2022 01:16:59 GMT, Weijun Wang wrote: >> When a named curve is disabled in `jdk.disabled.namedCurves` property which >> is included in `jdk.jar.disabledAlgorithms` and >> `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled >> named curve as a result of

Integrated: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

On Mon, 14 Mar 2022 17:41:28 GMT, Hai-May Chao wrote: > When a named curve is disabled in `jdk.disabled.namedCurves` property which > is included in `jdk.jar.disabledAlgorithms` and > `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled > named curve as a result of its

RFR: 8283092: JMX subclass permission check redundant with strong encapsulation

Removing permission checks which, in the presence of a Security Manager, would check for a RuntimePermission "className.subclass". This was to prevent subclassing these classes, but is no longer necessary with strong encapsulation from modules. - Commit messages: - 8283092: JMX

Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v5]

On Mon, 14 Mar 2022 21:18:56 GMT, Weijun Wang wrote: >> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update again and undo DSA changes > >

Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v5]

On Mon, 14 Mar 2022 21:24:15 GMT, Weijun Wang wrote: >> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update again and undo DSA changes > >

Re: RFR: 8282293: Domain value for system property jdk.https.negotiate.cbt should be case-insensitive [v2]

On Thu, 10 Mar 2022 05:59:14 GMT, Sibabrata Sahoo wrote: >> Domain value for system property jdk.https.negotiate.cbt is >> case-insensitive now. Included Test has been updated to address the change. > > Sibabrata Sahoo has updated the pull request incrementally with one > additional commit

Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v6]

> It's been several years since we increased the default key sizes. Before > shifting to PQC, NSA replaced its Suite B cryptography recommendations with > the Commercial National Security Algorithm Suite which suggests: > > - SHA-384 for secure hashing > - AES-256 for symmetric encryption > -

Re: [Internet]Re: Proposal for potential new feature: TLS Certificate Compression

On 3/14/22 2:21 PM, xueleifan(XueleiFan) wrote: Hi Jamil, Thank you for the support of this proposal.  I am happy to move on to the next JEP process if no objections or comments in the coming weeks. Hi All, Please let me know if more time is required for the review of the proposal. I

Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v5]

On Tue, 15 Mar 2022 20:44:20 GMT, Valerie Peng wrote: >> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java >> line 122: >> >>> 120: default -> { >>> 121: throw new ProviderException >>> 122: ("Unrecognized

Re: RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v6]

On Tue, 15 Mar 2022 20:51:25 GMT, Valerie Peng wrote: >> It's been several years since we increased the default key sizes. Before >> shifting to PQC, NSA replaced its Suite B cryptography recommendations with >> the Commercial National Security Algorithm Suite which suggests: >> >> - SHA-384