RFR: 8243559: Remove root certificates with 1024-bit keys
Sean Mullan
mullan at openjdk.java.net
Mon Nov 23 15:14:07 UTC 2020
This change removes five root certificates with 1024-bit RSA public keys from the system-wide `cacerts` keystore. These are older VeriSign and Thawte root CA certificates which are no longer necessary to retain and should have minimal compatibility risk if removed.
See the CSR for more details: https://bugs.openjdk.java.net/browse/JDK-8256502
-------------
Commit messages:
- 8256502: Remove root certificates with 1024-bit keys
Changes: https://git.openjdk.java.net/jdk/pull/1387/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=1387&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8243559
Stats: 140 lines in 6 files changed: 0 ins; 138 del; 2 mod
Patch: https://git.openjdk.java.net/jdk/pull/1387.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/1387/head:pull/1387
PR: https://git.openjdk.java.net/jdk/pull/1387
More information about the build-dev
mailing list