JDK 8 Review Request for 8030813 : Signed applet fails to load when CRLs are stored in an LDAP directory
Sean Mullan
sean.mullan at oracle.com
Mon Dec 23 14:05:40 UTC 2013
Please review the following change which causes signed applets to fail
if CRLs are stored in an LDAP directory. This occurs when any of the
certificates in the applet's certificate chain contain a CRL
Distribution Point extension with an LDAP URL.
The fix introduces a new internal system property that, when set to
true, skips the JNDI InitialContext application resource file lookup,
which was triggering a recursive verification of the signed JAR.
webrev: http://cr.openjdk.java.net/~mullan/webrevs/8030813/webrev.00/
Thanks,
Sean
More information about the security-dev
mailing list