RFR: 8151893: Add security property to configure XML Signature secure validation mode
Xuelei Fan
xuelei.fan at oracle.com
Thu Aug 25 14:36:13 UTC 2016
On 8/25/2016 10:14 PM, Sean Mullan wrote:
> On 08/25/2016 09:47 AM, Xuelei Fan wrote:
>>>> http://cr.openjdk.java.net/~mullan/webrevs/8151893/webrev.01/
>>
>> Looks fine to me except the following minor comment.
>>
>> java.security
>> -------------
>> 818 # AlgConstraint
>> 819 # "disallowAlg" Uri
>> ...
>> 829 # For AlgConstraint, Uri is the algorithm URI String that is not
>> allowed.
>>
>> The "disallowAlg" has said the same thing as line 829. As you did not
>> explain other options, may be this one can also be removed. Minor
>> comment.
>
> I thought this one deserved a little bit of explanation, since unlike
> our other JCE APIs, XML Signature algorithms are specified as URIs and
> not Strings like "MD5", so I wanted to avoid confusion with the other
> properties that take algorithm Strings. I'd like to leave this one in.
>
It's OK.
Xuelei
More information about the security-dev
mailing list