[8u] Request for enhancement backport approval for CR 8207258- Distrust TLS server certificates anchored by Symantec Root CAs
Andrew Haley
aph at redhat.com
Tue Feb 26 09:44:53 UTC 2019
On 2/25/19 9:43 PM, Liu, Xin wrote:
> We backport two patches about distrust policy to jdk8u-dev. It will distrust all certificates from Symantec except for 2 from Apple’s.
> They are straight-forward, but we do minor changes for java8.
>
> JDK-8207258<https://bugs.openjdk.java.net/browse/JDK-8207258>: Distrust TLS server certificates anchored by Symantec Root CAs
> http://cr.openjdk.java.net/~phh/8207258/webrev.8u.00/
>
> JDK-8216280<https://bugs.openjdk.java.net/browse/JDK-8216280%5d>: Allow later Symantec Policy distrust date for two Apple SubCAs
> http://cr.openjdk.java.net/~phh/8216280/webrev.8u.00/
>
> We verify Jtreg and JCK8b internally. Could you mailist review it?
These are already marked with CPU19 04-critical-approved and redhat-openjdk.
In other words: we're on it.
--
Andrew Haley
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
More information about the jdk8u-dev
mailing list