On 06/21/2015 11:21 AM, Thomas Lußnig wrote:
Hi,

we are talking about security. So is there any reason why the OpenJDK
should include not the same Blacklisted Certificates
as in other Jdk Versions?

Although we have included some blacklisted certificates in OpenJDK, there are cases where it makes more sense for each vendor to also be able to maintain their own list, as the certificates may only be applicable to the root CA certificates or extensions that they include, etc.

Thanks,
Sean

Or with other words does it make sense to do
other blacklist tests in openjdk at all ?



Gruß Thomas

On 18.06.2015 01:00, Rajan Halade wrote:
May I request you to review small fix to CheckBlacklistedCerts test to
correctly determine if OpenJDK build is used.

Webrev: http://cr.openjdk.java.net/~rhalade/8060103/webrev.00/
Bug: https://bugs.openjdk.java.net/browse/JDK-8060103

Thanks,
Rajan

Reply via email to