[RFR] 8174849: Change SHA1 certpath restrictions
Bernd Eckenfels
ecki at zusammenkunft.net
Tue Feb 14 07:33:50 UTC 2017
Hello,
The bug does not explain why. I would understand to completely deny SHA1 (I.e. Unconditionally), but allowing it seems strange, especially without a justification.
Gruss
Bernd
--
http://bernd.eckenfels.net
On Mon, Feb 13, 2017 at 10:57 PM +0100, "Anthony Scarpino" <anthony.scarpino at oracle.com> wrote:
Hi,
I need a quick review on a simple certpath config change.
http://cr.openjdk.java.net/~ascarpino/8174849/webrev/
thanks
Tony
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20170214/557c68bd/attachment.htm>
More information about the security-dev
mailing list