[jdk25u-dev] RFR: 8378853: [25u] Make backport of JDK-8244336 comply with differences in CSR
Sean Coffey
coffeys at openjdk.org
Fri Feb 27 20:31:21 UTC 2026
On Fri, 27 Feb 2026 16:02:37 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> My backport of 8244336 was clean. At the time I did not realize the CSRs differ.
> Thus I now want to remove the javadoc changes so that the backport complies with the CSR.
>
> CSR of original change: [JDK-8364386](https://bugs.openjdk.org/browse/JDK-8364386)
> CSR of backports: [JDK-8372102](https://bugs.openjdk.org/browse/JDK-8372102)
>
> This needs to go to 21, too. In 17, I will respect this in the backport of JDK-8244336 right away.
> @coffeys, @MullaN, could you please have a look at this change to make sure this is as intended by the CSR? I'm not completely sure whether the comment in [conf/security/java.security](https://github.com/openjdk/jdk25u-dev/pull/322/changes#diff-67779113fb0f8efa12d953153277db319562772973a2fc4792e245b336401019) needs to be omitted too. It's not clearly stated in the CSR, but it mentions the "JDK Reference implementation" which does not mention the topic in 25. So I think it must go, too.
>
> Maybe I should add at least #jdk.crypto.disabledAlgorithms=
I think it's fair to maintain the java.security edits like those proposed in the CSR. That's what I've done for the Oracle ports.
The java.security conf file often serves as a useful readme with respect to how security properties can be used. That file can often highlight implementation specific properties. Removing the reference implementation text updates from the Java SE specification (javadocs) is the more important step here IMO.
-------------
PR Comment: https://git.openjdk.org/jdk25u-dev/pull/322#issuecomment-3974949593
More information about the jdk-updates-dev
mailing list