> Currently when a signature scheme constraint is specified with > "jdk.tls.disabledAlgorithms" property we don't differentiate between > signatures used to sign a TLS handshake exchange and the signatures used in > TLS certificates: > https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3
Artur Barashev has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains six additional commits since the last revision: - Merge branch 'master' into JDK-8349583 - Use "Set.of()" instead of "Collections.unmodifiableSet(EnumSet.of())" - Use HandshakeContext's localSupportedCertSignAlgs when checking against SSLSession's localSupportedSignAlgs - Fix typo in java.security documentation - Typo fix - 8349583: Add mechanism to disable signature schemes based on their TLS scope ------------- Changes: - all: https://git.openjdk.org/jdk/pull/23681/files - new: https://git.openjdk.org/jdk/pull/23681/files/d0ef5526..23df4cee Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=23681&range=04 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=23681&range=03-04 Stats: 10921 lines in 362 files changed: 5853 ins; 3807 del; 1261 mod Patch: https://git.openjdk.org/jdk/pull/23681.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/23681/head:pull/23681 PR: https://git.openjdk.org/jdk/pull/23681
