RFR 8176536: Backport weak algorithms checking
Sean Mullan
sean.mullan at oracle.com
Fri Mar 17 20:06:39 UTC 2017
Looks good to me. Please also include the recent fix to disable SHA-1
TLS Server certificates in this backport:
https://bugs.openjdk.java.net/browse/JDK-8176503
--Sean
On 3/16/17 1:04 AM, Anthony Scarpino wrote:
> Hi,
>
> I need a review of this large backport of the weak algorithm checking
> code to jdk8.
>
> In mosts cases the changes are either identical or 95% of what is in
> jdk9, the below two files deviate the most from jdk9 because of other
> jdk9 features:
> src/share/classes/sun/security/ssl/SSLContextImpl.java
> src/share/classes/sun/security/validator/PKIXValidator.java
>
> http://cr.openjdk.java.net/~ascarpino/8176536/webrev/
>
> thanks
>
> Tony
More information about the security-dev
mailing list