On Thu, 1 Jun 2023 20:09:39 GMT, Rajan Halade <rhal...@openjdk.org> wrote:
>> The new approach uses test URLs directly to verify interoperability with CA
>> infrastructure. This would help us avoid having regular test fixes to update
>> test artifacts as long as CAs keep test domains up to date.
>
> Rajan Halade has updated the pull request incrementally with one additional
> commit since the last revision:
>
> 8308592: Framework for CA interoperability testing
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java
line 28:
> 26: * @param revocationMode revocation checking mode to use
> 27: */
> 28: public CAInterop(String revocationMode){
You could have instead added a static method to `ValidatePathWithURL`.
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java
line 33:
> 31: } if ("OCSP".equalsIgnoreCase(revocationMode)) {
> 32: ValidatePathWithURL.enableOCSPOnly();
> 33: }else {
Nit: space after `}`.
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java
line 47:
> 45: * @throws Exception thrown when certificate can't be validated as
> valid or revoked
> 46: */
> 47: public void validate(String caAlias,
Seems like you could also add this as a static method to `ValidatePathWithURL`
and then you don't need this class.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213642143
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213640495
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213644110
