On Tue, 29 Sep 2020 02:53:10 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Yes. In fact I'm not quite confident on our usage of allowBER. In a lot of >> cases we are actually quite strict. Since >> this code change is meant to be a refactoring and does not intend to fix >> many things, I don't intent to make many >> behavior change. > > We have to be strict in "sensitive" area such as signatures. The parsing code > seems to be still mainly DER. It was > never fully BER, but just some. It's good to keep behavior change minimum as > this is like a re-write and may already > have some unintentional changes. As this constructor calls another with allowBER=true, I leave the BER word there. Yes, I understand our impl is not always precise. To make it so, we need to adjust the callers everywhere to match the RFCs, but then there will be compatibility issues. >> Correct. > > Fix the comment then? Sure. ------------- PR: https://git.openjdk.java.net/jdk/pull/232
