I think these classes can be simply removed. These are internal classes
which are not supported externally and strongly encapsulated by default.
This is an internal class so it does not have to go through a
"forRemoval" process before it is removed.
For my comment below, I was probably being overcareful, as
the sun.security.x509 classes have been in the JDK for a long time, and
there may have been some external usages (even though not supported).
But applications have had plenty of warnings by now not to use these
internal APIs.
So I think it is safe to remove these now. It should not require a CSR.
--Sean
On 4/21/23 5:59 PM, Eirik Bjørsnøs wrote:
Hi,
JDK-8157707 [1] deprecated the java.security.Certificate API. In a
comment in that issue, Sean writes:
As part of this change, the internal classes
sun.security.x509.CertException and sun.security.x509.CertParseError
should be marked for removal (they are already deprecated) and
removed when java.security.Certificate is removed.
I see that neither sun.security.x509.CertException
nor sun.security.x509.CertParseError are marked forRemoval today.
Was this an oversight? Should we fix it? Would be strange to
remove java.security.Certificate but leave these two, right?
I'm happy to do a PR and also CSR if that's required for these internal
classes.
Thanks,
Eirik.
[1] https://bugs.openjdk.org/browse/JDK-8157707
<https://bugs.openjdk.org/browse/JDK-8157707>
