On Mon, 23 Nov 2020 15:47:25 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> This change removes five root certificates with 1024-bit RSA public keys >> from the system-wide `cacerts` keystore. These are older VeriSign and Thawte >> root CA certificates which are no longer necessary to retain and should have >> minimal compatibility risk if removed. >> >> See the CSR for more details: >> https://bugs.openjdk.java.net/browse/JDK-8256502 > > Marked as reviewed by weijun (Reviewer). > Looks fine. > > One nit: I see that the `VerifyCACerts.java` test has a whole bunch of `@bug` > ids. Maybe we should add this new one as well? Good catch. I will add it. ------------- PR: https://git.openjdk.java.net/jdk/pull/1387
