RFR 8189131: Open-source the Oracle JDK Root Certificates
Volker Simonis
volker.simonis at gmail.com
Fri Dec 1 17:16:45 UTC 2017
Hi Rajan,
great to see this finally happen!
I have just a quick question related to the tests. As far as I can
see, the tests will only succeed if the OpenJDK will be build with the
new open sourced, Oracle root certificates. But what if somebody is
building the OpenJDK with his own set of root certificates (by using
the --with-cacerts-file option)? Do you see any possibility of
restricting these tests only to builds which used the original,
checked in cacerts file?
Regards,
Volker
On Fri, Dec 1, 2017 at 5:54 PM, Rajan Halade <rajan.halade at oracle.com> wrote:
> May I request for your review of this fix to open source the root
> certificates in Oracle's Java SE Root CA program. The fix is to populate
> cacerts keystore with root certificates and add corresponding tests for it
> as per the test plan outlined at JDK-8191711. interoperability tests are
> added against CAs with available test certificates.
>
> Webrev: http://cr.openjdk.java.net/~rhalade/8189131/webrev.00/
> JEP: https://bugs.openjdk.java.net/browse/JDK-8191486
>
> Thanks,
> Rajan
>
More information about the security-dev
mailing list