[8] Request for review: 8023362: Don't allow soft-fail behavior if OCSP responder returns "unauthorized"

Vincent Ryan vincent.x.ryan at oracle.com
Fri Sep 6 15:41:49 UTC 2013


Looks fine Sean.

Thanks.

On 6 Sep 2013, at 16:01, Sean Mullan wrote:

> Please review this simple fix to treat OCSP Unauthorized responses as an error when checking revocation status, even when the SOFT_FAIL option is set.
> 
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8023362/webrev.00/
> 
> Thanks,
> Sean




More information about the security-dev mailing list