Looks good to me. Please also include the recent fix to disable SHA-1
TLS Server certificates in this backport:
https://bugs.openjdk.java.net/browse/JDK-8176503
--Sean
On 3/16/17 1:04 AM, Anthony Scarpino wrote:
Hi,
I need a review of this large backport of the weak algorithm checking
code to jdk8.
In mosts cases the changes are either identical or 95% of what is in
jdk9, the below two files deviate the most from jdk9 because of other
jdk9 features:
src/share/classes/sun/security/ssl/SSLContextImpl.java
src/share/classes/sun/security/validator/PKIXValidator.java
http://cr.openjdk.java.net/~ascarpino/8176536/webrev/
thanks
Tony
