PING 2: [7u80] Request for review for CR 4963723: Implement SHA-224

Rob McKenna rob.mckenna at oracle.com
Tue Dec 23 16:56:48 UTC 2014 

Actually, another kink: this requires ccc approval for a backport to 7.

     -Rob

On 23/12/14 16:52, dalibor.topic at oracle.com wrote:
> Considering that the issue was a P3 RFE rather than a high priority bug fix, it's not clear to me why it would be necessary to backport it into 7u80,  at the end point in the release cycle.
>
> --
> Oracle <http://www.oracle.com>
> Dalibor Topic | Principal Product Manager
> Phone: +494089091214<tel:+494089091214> | Mobile:+491737185961<tel:+491737185961>
> Oracle Java Platform Group
>
> ORACLE Deutschland B.V. & Co. KG | Kühnehöfe 5 | 22761 Hamburg
>
> ORACLE Deutschland B.V. & Co. KG
> Hauptverwaltung: Riesstr. 25, D-80992 München
> Registergericht: Amtsgericht München, HRA 95603
> Geschäftsführer: Jürgen Kunz
>
> Komplementärin: ORACLE Deutschland Verwaltung B.V.
> Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
> Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
> Geschäftsführer: Alexander van der Ven, Astrid Kepper, Val Maher
>
> Green Oracle <http://www.oracle.com/commitment> Oracle is committed to developing practices and products that help protect the environment
>
>> On 23.12.2014, at 17:13, Andrew Hughes <gnu.andrew at redhat.com> wrote:
>>
>> ----- Original Message -----
>>> Valerie Peng (original author) is probably best suited to reviewing this
>>> but I think she's out of the office the moment and back next week. Let's
>>> hope we can get an update/review then.
>> Hi,
>>
>> Any movement on this? It's been three months.
>>
>> Thanks.
>>
>>> regards,
>>> Sean.
>>>
>>>> On 01/10/2014 16:11, Andrew Hughes wrote:
>>>> ----- Original Message -----
>>>>> ----- Original Message -----
>>>>>> Code changes generally require two approvals: codereview, performed by a
>>>>>> reviewer, (in this case from security-dev) and push approval, performed
>>>>>> by a gatekeeper. Given your email template matches the push approval
>>>>>> template I understood that you intended the latter. Generally speaking
>>>>>> codereview requests would say "Request for review" as opposed to
>>>>>> "Request for approval" so a reviewer could overlook your mail if you
>>>>>> intended the former.
>>>>>>
>>>>>>       -Rob
>>>>>>
>>>>>>> On 18/09/14 00:21, Andrew Hughes wrote:
>>>>>>> ----- Original Message -----
>>>>>>>> Hi Andrew,
>>>>>>>>
>>>>>>>> Sorry to be a pest, but given the scope of the change I'd feel more
>>>>>>>> comfortable with an explicit codereview for the backport.
>>>>>>>>
>>>>>>>>        -Rob
>>>>>>>>
>>>>>>>>> On 17/09/14 18:32, Andrew Hughes wrote:
>>>>>>>>> This is the first of three backports to 7u designed to retain SSL
>>>>>>>>> compatibility with servers implemented in other languages switching
>>>>>>>>> to larger key sizes (notably DH >=2048 in Apache 2.4.7 [0]).
>>>>>>>>>
>>>>>>>>> This patch is a per-requisite of the patch which brings NSA Suite B
>>>>>>>>> support to 7. It applies largely unchanged, bar the following:
>>>>>>>>>
>>>>>>>>> * Copyright header adjustment
>>>>>>>>> * Removal of change to java.security.spec.MGF1ParameterSpec to avoid
>>>>>>>>> introducing a new public variable. The SHA-224 variant is constructed
>>>>>>>>> directly in com.sun.crypto.provider.OAEPParameters instead.
>>>>>>>>> * A change to OAEPParameters is dropped as it was already incorporated
>>>>>>>>> in the backport of 7180907 & 8049480 (addition of SHA-224 to
>>>>>>>>> convertToStandardName)
>>>>>>>>>
>>>>>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-4963723
>>>>>>>>> Webrev: http://cr.openjdk.java.net/~andrew/jdk7u/4963723/webrev.01/
>>>>>>>>>
>>>>>>>>> [0] https://httpd.apache.org/docs/2.4/mod/mod_ssl.html
>>>>>>>>>
>>>>>>>>> Ok to push?
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>> Which is what I asked for, no?
>>>>>>>
>>>>>>> If I wasn't waiting on a review first, I'd have pushed the change.
>>>>> This was the only applicable template on:
>>>>>
>>>>> http://openjdk.java.net/projects/jdk7u/
>>>>>
>>>>> Anyway, now including security-dev for review.
>>>>> --
>>>>> Andrew :)
>>>>>
>>>>> Free Java Software Engineer
>>>>> Red Hat, Inc. (http://www.redhat.com)
>>>>>
>>>>> PGP Key: 248BDC07 (https://keys.indymedia.org/)
>>>>> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>>>> Ping. Any movement on this?
>> -- 
>> Andrew :)
>>
>> Free Java Software Engineer
>> Red Hat, Inc. (http://www.redhat.com)
>>
>> PGP Key: 248BDC07 (https://keys.indymedia.org/)
>> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>>

More information about the security-dev mailing list