[jdk8u] RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs [v2]
Andrew John Hughes
andrew at openjdk.org
Wed Sep 18 23:53:45 UTC 2024
On Wed, 18 Sep 2024 17:27:29 GMT, Andrew John Hughes <andrew at openjdk.org> wrote:
>> Thanks!
>>
>>> Should we also update `SymantecTLSPolicy.java`?
>>
>> No, not in this bug. Feel free to do this as an 8u-only fix via jdk8u-dev pr. The original backport to 8 of https://bugs.openjdk.org/browse/JDK-8207258 didn't do this. That's one of the gotchas of `Set.of()` backports. It's not terribly important.
>
> This is a common case, as Severin implies. For the test library, we added internal versions of the `listOf` and `setOf` methods to better handle this. It has the advantage that the same error checking (null values, duplicates) is present as on the methods in later JDKs.
>
> I can look at moving that to an internal JDK class instead to cover library cases, and fix the Symantec case then. No reason to delay this critical fix for that.
Opened https://bugs.openjdk.org/browse/JDK-8340414
-------------
PR Review Comment: https://git.openjdk.org/jdk8u/pull/61#discussion_r1765888552
More information about the jdk8u-dev
mailing list