[8] Request for review: 8023362: Don't allow soft-fail behavior if OCSP responder returns "unauthorized"

Sean Mullan sean.mullan at oracle.com
Fri Sep 6 15:01:43 UTC 2013


Please review this simple fix to treat OCSP Unauthorized responses as an 
error when checking revocation status, even when the SOFT_FAIL option is 
set.

webrev: http://cr.openjdk.java.net/~mullan/webrevs/8023362/webrev.00/

Thanks,
Sean



More information about the security-dev mailing list