[8] code review request: 8019259: Failover to CRL checking does not happen if wrong OCSP responder URL is set
Vincent Ryan
vincent.x.ryan at oracle.com
Fri Jun 28 18:41:15 UTC 2013
Hello,
Please review the following JDK 8 fix:
Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8019259
Webrev: http://cr.openjdk.java.net/~vinnie/8019259/webrev.00/
It corrects a problem during X.509 certificate revocation checking where failover to using CRLs is not
performed in the case when a malformed URL has been supplied as the URL of the OCSP responder.
The fix ensures all exceptions during OCSP are caught and wrapped so that the failover mechanism
does not get skipped.
Thanks.
More information about the security-dev
mailing list