[9] RFR: 8059916: Change default criticality of policy mappings and policy constraints certificate extensions
Jason Uh
jason.uh at oracle.com
Tue Jan 13 18:48:35 UTC 2015
Thanks, Sean. Could you also look at one more change I've added?
http://cr.openjdk.java.net/~juh/8059916/02/
Line 103 of PolicyMappingsExtension.java:
- extensionId = PKIXExtensions.KeyUsage_Id;
- critical = false;
+ extensionId = PKIXExtensions.PolicyMappings_Id;
+ critical = true;
(Good catch, Jamil.)
Jason
On 1/13/15 4:55 AM, Sean Mullan wrote:
> Looks good to me.
>
> --Sean
>
> On 01/12/2015 06:56 PM, Jason Uh wrote:
>> Please review this change, which changes the default criticality of the
>> policy mappings and policy constraints certificate extensions. This
>> change makes both extensions critical by default, per RFC 5280.
>>
>> webrev: http://cr.openjdk.java.net/~juh/8059916/01/webrev
>> bug: https://bugs.openjdk.java.net/browse/JDK-8059916
>>
>> Thanks,
>> Jason
More information about the security-dev
mailing list