[8] code review request: 8019259: Failover to CRL checking does not happen if wrong OCSP responder URL is set
Xuelei Fan
xuelei.fan at oracle.com
Sat Jun 29 00:53:35 UTC 2013
Looks fine to me.
Hmm, it is a case to learn that RuntimeException should be token care of
sometimes.
Thanks,
Xuelei
On 6/29/2013 2:41 AM, Vincent Ryan wrote:
> Hello,
>
> Please review the following JDK 8 fix:
>
> Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8019259
> Webrev: http://cr.openjdk.java.net/~vinnie/8019259/webrev.00/
>
> It corrects a problem during X.509 certificate revocation checking where failover to using CRLs is not
> performed in the case when a malformed URL has been supplied as the URL of the OCSP responder.
> The fix ensures all exceptions during OCSP are caught and wrapped so that the failover mechanism
> does not get skipped.
>
> Thanks.
>
More information about the security-dev
mailing list