CSR for JDK11u backport of JDK-8080462: Update SunPKCS11 provider with PKCS11 v2.40 support

Joe Darcy joe.darcy at oracle.com
Thu Nov 7 17:37:12 UTC 2019 

Hello,

I think it is clearer to run a CSR against JDK 11u. The CSR is 
straightforward and should be approved quickly :-)

Thanks,

-Joe

On 11/7/2019 7:09 AM, Langer, Christoph wrote:
>
> Hi Sean,
>
> thanks for the information.
>
> @Andrew Haley <mailto:aph at redhat.com>: I think in that case we 
> shouldn’t go through another CSR review but mention in the bug that we 
> don’t do a CSR for 8u/11u because Oracle did run it through internal 
> ccc. Agree?
>
> Cheers
>
> Christoph
>
> *From:*Seán Coffey <sean.coffey at oracle.com>
> *Sent:* Donnerstag, 7. November 2019 15:55
> *To:* Langer, Christoph <christoph.langer at sap.com>; Joe Darcy 
> <joe.darcy at oracle.com>; Andrew Haley <aph at redhat.com>
> *Cc:* jdk-updates-dev <jdk-updates-dev at openjdk.java.net>
> *Subject:* Re: CSR for JDK11u backport of JDK-8080462: Update 
> SunPKCS11 provider with PKCS11 v2.40 support
>
> Christoph,
>
> I backported PKCS11 v2.40 Oracle 8u and 11u code bases. For 8u, Oracle 
> continues to use an internal tool for change compatibility requests 
> (ccc) - Since I was requesting approval for 8u and 11u, I used the 
> internal tool to submit one request for both releases.
>
> For the record, the CCC I submitted was pretty much identical to that 
> seen for the JDK 13 CSR that you highlight.
>
> regards,
> Sean.
>
> On 07/11/2019 14:40, Langer, Christoph wrote:
>
>     Hi,
>
>     I’m currently looking into backporting “JDK-8080462: Update
>     SunPKCS11 provider with PKCS11 v2.40 support” [0] to OpenJDK 11
>     updates. I can see that the original change has a CSR attached [1].
>
>     I was under the impression, that Oracle would use the CSR process
>     for their JDK 11u backports as well – and we can in such cases
>     refer to the Oracle CSRs. However, in this case, I can see that
>     Oracle have backported that patch to JDK11 updates without an
>     additional backport CSR [2].
>
>     That raises 2 questions:
>
>     a) Does Oracle still have the policy to use CSR for 11u backports?
>
>     b) In case there’s a backport of a change with CSR to 11u by
>     Oracle and Oracle did not do a backport CSR, should we backport
>     the fix to OpenJDK11u without CSR as well? Or should we go through
>     CSR review nevertheless?
>
>     Thanks
>
>     Christoph
>
>     [0] https://bugs.openjdk.java.net/browse/JDK-8080462
>     <https://bugs.openjdk.java.net/browse/JDK-8080462>
>
>     [1] https://bugs.openjdk.java.net/browse/JDK-8221442
>     <https://bugs.openjdk.java.net/browse/JDK-8221442>
>
>     [2] https://bugs.openjdk.java.net/browse/JDK-8228662
>     <https://bugs.openjdk.java.net/browse/JDK-8228662>
>

More information about the jdk-updates-dev mailing list