RFR: 8281561: Disable http DIGEST mechanism with MD5 by default [v2]
Weijun Wang
weijun at openjdk.java.net
Fri Mar 11 18:14:49 UTC 2022
On Thu, 10 Mar 2022 16:50:05 GMT, Michael McMahon <michaelm at openjdk.org> wrote:
>> src/java.base/share/classes/java/net/doc-files/net-properties.html line 234:
>>
>>> 232: in the {@code java.security} properties file and currently comprises {@code MD5} and
>>> 233: {@code SHA-1}. If it is still required to use one of these algorithms, then they can be
>>> 234: re-enabled by setting this property to a comma separated list of the algorithm names.</P>
>>
>> Can we use "re-enabled" in the property name? To me, the name "enabled" sounds like all enabled algorithms are listed here.
>
> Okay, I'm suggesting "http.auth.digest.reEnabledAlgorithms" now.
> Hopefully we can stick with that.
Property name not updated yet.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7688
More information about the net-dev
mailing list