[8u] RFR: 8076190: Customizing the generation of a PKCS12 keystore
Martin Balao
mbalao at redhat.com
Thu Feb 3 17:16:06 UTC 2022
Hi Alexey,
On Thu, Feb 3, 2022 at 10:38 AM Alexey Bakhtin <alexey at azul.com> wrote:
> Yes, according to my investigations Oracle implemented password-less
> feature as part of JDK-8076190
> So, we have behaviour difference between Oracle and OpenJDK implementation
> now.
> I think the parity with Oracle is a good reason to backport all features
> of JDK-8076190 (not PBES2Parameters.java only)
>
While we agree that Oracle parity is one of the inputs that we take into
account when making these backports decisions, it shouldn't be the only one
in my view. To put that into context, 8u is now an old release where more
stability/backward-compatibility is expected and patches tend to divert
more as we move forward. This particular case is an example of that. I
asked about other reasons because we can weigh risk with, for example, a
common use case and multiple users affected.
Let me ask you 2 questions:
1) Would backporting only the parts related to 8245169 be a good compromise
solution for you?
2) If not, are you willing to redesign the backport so it does not break
compatibility in scenarios where SunJCE is disabled? I've not put thinking
into alternatives but I'm open to review whatever you come up with.
Thanks,
Martin.-
More information about the jdk8u-dev
mailing list