RFR 8176536: Backport weak algorithms checking
Anthony Scarpino
anthony.scarpino at oracle.com
Fri Mar 17 20:25:52 UTC 2017
Oh yeah. I had forgot to resync to get your change. Thanks for the reminder.
Tony
> On Mar 17, 2017, at 1:06 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> Looks good to me. Please also include the recent fix to disable SHA-1 TLS Server certificates in this backport: https://bugs.openjdk.java.net/browse/JDK-8176503
>
> --Sean
>
>> On 3/16/17 1:04 AM, Anthony Scarpino wrote:
>> Hi,
>>
>> I need a review of this large backport of the weak algorithm checking
>> code to jdk8.
>>
>> In mosts cases the changes are either identical or 95% of what is in
>> jdk9, the below two files deviate the most from jdk9 because of other
>> jdk9 features:
>> src/share/classes/sun/security/ssl/SSLContextImpl.java
>> src/share/classes/sun/security/validator/PKIXValidator.java
>>
>> http://cr.openjdk.java.net/~ascarpino/8176536/webrev/
>>
>> thanks
>>
>> Tony
More information about the security-dev
mailing list