Fwd: [JCP]JSR-383(Java SE 18.3) Public review - JEP 116:Extended Validation SSL Certificates

Brian Goetz brian.goetz at oracle.com
Mon Nov 20 18:20:43 UTC 2017

This was received via the comments box.

The content is out of scope for the SE EG, but I will forward it to the 
appropriate list (<security-dev at openjdk.java.net>).

-------- Forwarded Message --------
Subject: 	[JCP]JSR-383(Java SE 18.3) Public review - JEP 116:Extended 
Validation SSL Certificates
Date: 	Fri, 17 Nov 2017 10:33:41 +0000
From: 	kyosuke_yamagata at mufg.jp
To: 	java-se-spec-comments at openjdk.java.net
CC: 	youji_3_fujikura at mufg.jp, takahiro_ishifuku at mufg.jp, 
kazuhiro_2_itakura at mufg.jp, tomoyuki_3_iguchi at mufg.jp, 
kenya_2_saito at mufg.jp, hiromi_18_takahashi at mufg.jp

JSR-383 developer all

Hi, I’m Kyosuke Yamagata.
I can't send E-mail by mail form(Expert Group Comments) because of the office network policy.
So I send this mail to you.

I work for Mitsubishi UFJ Information Technology.
Our company is in charge of Mitsubishi UFJ financial group system development, operation and maintenance.
And then , We are in charge of in-house Java framework.
Our Java framework depends heavily on Java SE and Java EE technologies.

I reviewed JEP 116: Extended Validation SSL Certificates in JSR-383(Java SE 18.3) Public review

I think it's great.

On the other hand, to make things even better,  I would like to suggest the following:

We can import Self-signed certificates as Root certificate.
It used in SSL/TLS connections both Client-side and Server-side, and isn't necessarily EV SSL certificates.

When the API takes these Non-EV SSL certificates, what kind of information does return?

API user wants to take some information of the certificate without having to worry about what kind of certificate using, I think.
For example, if I got some exceptions by using API, I MUST inject the judging code that this certificate is EV or Non-EV into my code.
I want to support this usecase by this JEP(or other APIs).

This content is the personal opinion by the contributor, not the official opinion of our company.

Best regards.

More information about the java-se-spec-experts mailing list