RFR: 8160655 Fix denyAfter and usage types for security properties

Sean Mullan sean.mullan at oracle.com
Thu Jan 26 21:57:25 UTC 2017


Looks good, mostly minor stuff so far, just have one other file I need 
more time to review:

* java.security

Update description of new constraints to match CCC.

* PKIXExtendedParameters.java

Update class description (it is out-of-date).

* CertConstraintParameters.java

2  * Copyright (c) 2016, 2017 Oracle and/or its affiliates. All rights 
reserved.

Should be a comma after 2017.

* AlgorithmChecker.java

278         String currSigAlg = ((X509Certificate)cert).getSigAlgName();

Just use x509Cert.getSigAlgName() instead

* SignatureFileVerifier.java

294         Timestamp[] timestamp = new Timestamp[newSigners.length];

"timestamps" would be more clear as a variable name

299                 System.out.println("Timestamp[" + (i - 1) + "] = " +

debug.println

--Sean

On 1/23/17 6:27 PM, Anthony Scarpino wrote:
> Hi,
>
> I need a code review of this change that brings more detail constraints
> checking and control to certpath and jar disabled algorithm Security
> properties.
>
> http://cr.openjdk.java.net/~ascarpino/8160655/webrev/
>
> thanks
>
> Tony


More information about the security-dev mailing list