On Mon, 22 May 2023 17:39:59 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/provider/certpath/URICertStore.java >> line 131: >> >>> 129: private static final int DEFAULT_CRL_READ_TIMEOUT = 15000; >>> 130: >>> 131: // Default connect and read timeouts for CA certificate fetching >>> (15 sec) >> >> Does 15 seconds make sense as the default timeout, especially for certs? >> CRLs are generally larger than certs, so a longer read timeout makes sense. >> >> I'm ok with keeping these default values the same for consistency, but I >> think we should re-evaluate each of these default timeouts and compare them >> to other products/technologies to see if some adjustments may be needed - >> can you file a follow-on RFE for that? > > Yes, I can make a follow on for that. Filed https://bugs.openjdk.org/browse/JDK-8308601 ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/13762#discussion_r1201306717
