RFR 8212003: Obsoleting the default keytool -keyalg option
Weijun Wang
weijun.wang at oracle.com
Thu Nov 15 01:19:56 UTC 2018
Thanks to Xuelei and Sean. I added your recommended words and proposed the CSR.
> On Nov 15, 2018, at 6:16 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> On 11/14/18 5:07 AM, Weijun Wang wrote:
>> The CSR is re-opened. It is now focusing on -keyalg only. Please take a review:
>> https://bugs.openjdk.java.net/browse/JDK-8212111
>
> I think the CSR should also include an example of the informational text showing what algs and size were used. Looks good otherwise.
>
> --Sean
>
>> Thanks
>> Max
>>> On Nov 7, 2018, at 11:51 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>
>>> Oops, I take this back. The CSR needs more update.
>>>
>>> Sorry if you have already start reading it.
>>>
>>> Thanks
>>> Max
>>>
>>>
>>>> On Nov 7, 2018, at 9:27 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>
>>>> After some discussion, we decided to cover -keysize and -sigalg in this deprecation process too.
>>>>
>>>> Please review the updated CSR at
>>>>
>>>> https://bugs.openjdk.java.net/browse/JDK-8212111
>>>>
>>>> No webrev available yet.
>>>>
>>>> Thanks
>>>> Max
>>>>
>>>>
>>>>> On Oct 18, 2018, at 10:34 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>>
>>>>> Please review the code change and CSR for
>>>>>
>>>>> JBS: https://bugs.openjdk.java.net/browse/JDK-8212003
>>>>>
>>>>> at
>>>>>
>>>>> webrev: http://cr.openjdk.java.net/~weijun/8212003/webrev.00/
>>>>> CSR: https://bugs.openjdk.java.net/browse/JDK-8212111
>>>>>
>>>>> When -keyalg is not provided for -genkeypair or -genseckey, keytool will print out a warning. We plan to make this an error in a future release.
>>>>>
>>>>> A new regression test ObsoleteKeyalg.java added. "-keyalg DSA" or "-keyalg DES" added to other tests.
>>>>>
>>>>> A Mach5 job on tier1 and tier2 running now.
>>>>>
>>>>> Thanks
>>>>> Max
>>>>>
>>>>
>>>
More information about the security-dev
mailing list