On Thu, 6 Mar 2025 19:57:03 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Update documentation and unit tests to signal TLS scope case-insensitivity > > src/java.base/share/conf/security/java.security line 747: > >> 745: # >> 746: # HANDSHAKE restricts algorithm to be used for signing TLS >> handshake. >> 747: # CERTIFICATE restricts algorithm to be used for signatures in >> certificates. > > s/HANDSHAKE/'Handshake'/ > s/CERTIFICATE/'Certificate'/ > > Suggest slight rewording: "Handshake restricts the use of the algorithm in > TLS handshake signatures." and "Certificate restricts the use of the > algorithm in certificate signatures." Done. > src/java.base/share/conf/security/java.security line 748: > >> 746: # HANDSHAKE restricts algorithm to be used for signing TLS >> handshake. >> 747: # CERTIFICATE restricts algorithm to be used for signatures in >> certificates. >> 748: # These constraints can't be mixed with any other usage constraints >> for the > > s/can't/cannot/ (sounds more formal). > > The word "any" seems redundant, suggest removing. Done. > src/java.base/share/conf/security/java.security line 752: > >> 750: # ampersand '&'. >> 751: # See https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3 >> for more >> 752: # information on signatures used in TLS handshake and in >> certificates. > > I suggest we don't include a reference to the TLS 1.3 RFC. Something like > this might be fine for the developer's guide though. Done. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23681#discussion_r1984007711 PR Review Comment: https://git.openjdk.org/jdk/pull/23681#discussion_r1984007560 PR Review Comment: https://git.openjdk.org/jdk/pull/23681#discussion_r1984007354
