* AlgorithmChecker
Not sure why these changes are necessary or why the check method has
been made non-static. Isn't the previous code sufficient?
* OCSP
129 responderURI, new OCSPResponse.IssuerInfo(null,
issuerCert), null,
Passing null to OCSPResponse.IssuerInfo will throw an NPE. (but see
comment below)
* OCSPResponse
For IssuerInfo, you don't always have/know the TrustAnchor, so shouldn't
it be optional?
1061 return anchor;
should be indented 4 spaces
--Sean
On 10/10/2016 02:53 PM, Anthony Scarpino wrote:
Hi,
I need a review of a fix to JEP 288 were certpath algorithm checking
wasn't checking OCSP certs against the jdkCA keyword.
http://cr.openjdk.java.net/~ascarpino/8165274/webrev/
thanks
Tony