I believe I got everyone's comments. I've updated the webrev.
http://cr.openjdk.java.net/~ascarpino/8140422/webrev.02/ Thanks Tony On 02/29/2016 08:55 AM, Anthony Scarpino wrote:
Currently CertPath algorithm restrictions allow or deny all certificates. This change adds the ability to reject certificate chains that contain a restricted algorithm and the chain terminates at a root CA; therefore, allowing a self-signed or chain that does not terminate at a root CA. https://bugs.openjdk.java.net/browse/JDK-8140422 Thanks Tony
