RFR (12): 8207258: Distrust TLS server certificates anchored by Symantec Root CAs
Sean Mullan
sean.mullan at oracle.com
Fri Dec 7 16:02:38 UTC 2018
Please review this change to Distrust TLS server certificates anchored
by Symantec Root CAs. Although the restrictions won't kick in until
after 12 GA, the fix touches code that validates certificate chains, so
getting this into 12 now will provide more assurance that the chain
validation code continues to work properly.
webrev: http://cr.openjdk.java.net/~mullan/webrevs/8207258/webrev.01/
issue: https://bugs.openjdk.java.net/browse/JDK-8207258
Please see the recently posted blog for more information about the
restrictions that are being imposed:
https://blogs.oracle.com/java-platform-group/jdk-distrusting-symantec-tls-certificates
Thanks,
Sean
More information about the security-dev
mailing list