[9] RFR: 8073430: Deprecate security APIs that have been superseded
Sean Mullan
sean.mullan at oracle.com
Thu Mar 5 21:35:04 UTC 2015
Looks good, Jason, just a couple of comments:
- Add an @Deprecated annotation to the package-info.java files since the
entire package is deprecated. Put {@code} around the package/class names.
- add a noreg label to the bug
--Sean
On 03/04/2015 02:02 PM, Jason Uh wrote:
> webrev: http://cr.openjdk.java.net/~juh/8073430/00/
> jbs: https://bugs.openjdk.java.net/browse/JDK-8073430
>
> Please review this change, which deprecates the classes in
> java.security.acl and javax.security.cert. These packages have been
> superseded by replacements for a long time.
>
> For java.security.acl, there have been replacement APIs available since
> JDK 1.2 in java.security.Policy and related classes. For
> javax.security.cert, replacements have existed in java.security.cert
> since JDK 1.4. These replacements have been noted in the javadocs, so
> applications using these old APIs have had plenty of time to migrate.
>
> Two methods
>
> HandshakeCompletedEvent.getPeerCertificateChain
> SSLSession.getPeerCertificateChain
>
> that return the javax.security.cert.X509Certificate type will also be
> deprecated.
>
> The change also includes deprecation warning suppression in a few areas,
> including sun.net.www.protocol.https.
>
> Thanks,
> Jason
More information about the net-dev
mailing list