[9] RFR: 8037550: Update RFC references in javadoc to RFC 5280
Wang Weijun
weijun.wang at oracle.com
Fri Sep 19 02:04:32 UTC 2014
Hi Jason
The change looks quite straightforward, but have you checked if our codes actually comply with RFC 5280 especially for those areas where RFC 5280 is different from RFC 3280? http://tools.ietf.org/html/rfc5280#page-5 lists the differences. For example, there is an item:
* Section 4.2.1.5 recommends marking the policy mappings extension
as critical. RFC 3280 required that the policy mappings
extension be marked as non-critical.
In PolicyMappingsExtension.java, the 2 constructors that generate a PolicyMappingsExtension object both set critical to false. Is this something we should reconsider?
Thanks
Max
On Sep 19, 2014, at 9:27, Jason Uh <jason.uh at oracle.com> wrote:
> Please review this changeset, which updates references to RFC 3280 to RFC 5280. RFC 5280 has obsoleted 3280.
>
> http://cr.openjdk.java.net/~juh/8037550/webrev.03/
>
> Thanks,
> Jason
More information about the security-dev
mailing list