[9] RFR:8130360: Add tests to verify 3rd party security providers if they are in signed/unsigned modular JARs

Wang Weijun weijun.wang at oracle.com
Mon Jan 4 09:05:41 UTC 2016


I have no more comment.

--Max

> On Jan 3, 2016, at 3:48 PM, Sibabrata Sahoo <sibabrata.sahoo at oracle.com> wrote:
> 
> Updated the bug title and description.
> 
> Thanks,
> Siba
> 
> -----Original Message-----
> From: Wang Weijun 
> Sent: Sunday, January 03, 2016 1:02 PM
> To: Sibabrata Sahoo
> Cc: Mandy Chung; Valerie Peng; jigsaw-dev at openjdk.java.net; OpenJDK
> Subject: Re: [9] RFR:8130360: Add tests to verify 3rd party security providers if they are in signed/unsigned modular JARs
> 
> Then you don't need to include the "signed/unsigned" words in the bug description.
> 
> --Max
> 
>> On Jan 3, 2016, at 2:30 PM, Sibabrata Sahoo <sibabrata.sahoo at oracle.com> wrote:
>> 
>> Hi Max,
>> 
>> The test is for verifying 3rd party security provider in classpath/modulepath. I am using an empty provider to check, if the provider can be found during runtime when the bundle provided through classpath/modulepath with different modular type combination. As the provider is empty, I think this is unnecessary to sign the bundle.
>> 
>> Even the same comment[1] was also provided by "Valerie" few days ago and the comment was addressed with this webrev,
>> 
>> [1] I think it's somewhat misleading to use the term JCE here as what you are testing here is just security provider loading. JCE is more about security providers supporting export-controlled services/algorithms. Since your provider is just an empty one, I don't think u need to sign it (again, it's only for JCE providers).
>> 
>> Thanks,
>> Siba
> 




More information about the security-dev mailing list