RFR 8212003: Obsoleting the default keytool -keyalg option

Weijun Wang weijun.wang at oracle.com
Thu Nov 15 01:19:56 UTC 2018


Thanks to Xuelei and Sean. I added your recommended words and proposed the CSR.

> On Nov 15, 2018, at 6:16 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> On 11/14/18 5:07 AM, Weijun Wang wrote:
>> The CSR is re-opened. It is now focusing on -keyalg only. Please take a review:
>>    https://bugs.openjdk.java.net/browse/JDK-8212111
> 
> I think the CSR should also include an example of the informational text showing what algs and size were used. Looks good otherwise.
> 
> --Sean
> 
>> Thanks
>> Max
>>> On Nov 7, 2018, at 11:51 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>> 
>>> Oops, I take this back. The CSR needs more update.
>>> 
>>> Sorry if you have already start reading it.
>>> 
>>> Thanks
>>> Max
>>> 
>>> 
>>>> On Nov 7, 2018, at 9:27 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>> 
>>>> After some discussion, we decided to cover -keysize and -sigalg in this deprecation process too.
>>>> 
>>>> Please review the updated CSR at
>>>> 
>>>>   https://bugs.openjdk.java.net/browse/JDK-8212111
>>>> 
>>>> No webrev available yet.
>>>> 
>>>> Thanks
>>>> Max
>>>> 
>>>> 
>>>>> On Oct 18, 2018, at 10:34 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>> 
>>>>> Please review the code change and CSR for
>>>>> 
>>>>> JBS: https://bugs.openjdk.java.net/browse/JDK-8212003
>>>>> 
>>>>> at
>>>>> 
>>>>> webrev: http://cr.openjdk.java.net/~weijun/8212003/webrev.00/
>>>>> CSR: https://bugs.openjdk.java.net/browse/JDK-8212111
>>>>> 
>>>>> When -keyalg is not provided for -genkeypair or -genseckey, keytool will print out a warning. We plan to make this an error in a future release.
>>>>> 
>>>>> A new regression test ObsoleteKeyalg.java added. "-keyalg DSA" or "-keyalg DES" added to other tests.
>>>>> 
>>>>> A Mach5 job on tier1 and tier2 running now.
>>>>> 
>>>>> Thanks
>>>>> Max
>>>>> 
>>>> 
>>> 




More information about the security-dev mailing list