Valerie in another reply suggested that the default parameters of the default sigAlg depends on either the size of the key (if RSA) of the params of the key (if RSASSA-PSS). I'll address all of these in another bug.
Thanks, Max > 在 2020年4月9日,03:47,Sean Mullan <sean.mul...@oracle.com> 写道: > > On 4/6/20 11:11 PM, Weijun Wang wrote: >> Please review the fix at >> http://cr.openjdk.java.net/~weijun/8242184/webrev.00/ >> The major change is inside X509CRLImpl.java to allow params setting and >> reading. >> I also take this chance to: >> 1. Provide a default -sigalg for "keytool -genkeypair -keyalg rsassa-pss". > > I think you should file a CSR for that, since it is a new default, and the > default varies based on the size of the key. You should also update the > keytool man page section on defaults. > > --Sean > >> 2. Revert a former change in X509CertImpl.java, which might be a safer call. >> Thanks, >> Max
