RFR 8212003: Obsoleting the default keytool -keyalg option

Weijun Wang weijun.wang at oracle.com
Fri Nov 16 03:20:35 UTC 2018 

Would like also please review the release note here?

  https://bugs.openjdk.java.net/browse/JDK-8213965

I had thought about using RN-Deprecated but there is no API here. If you think it's better, I'll use it and also change all "obsolete" into "deprecate" in the description and title of the release note/CSR/bug.

Thanks
Max

> On Nov 15, 2018, at 9:19 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
> 
> Thanks to Xuelei and Sean. I added your recommended words and proposed the CSR.
> 
>> On Nov 15, 2018, at 6:16 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>> 
>> On 11/14/18 5:07 AM, Weijun Wang wrote:
>>> The CSR is re-opened. It is now focusing on -keyalg only. Please take a review:
>>>   https://bugs.openjdk.java.net/browse/JDK-8212111
>> 
>> I think the CSR should also include an example of the informational text showing what algs and size were used. Looks good otherwise.
>> 
>> --Sean
>> 
>>> Thanks
>>> Max
>>>> On Nov 7, 2018, at 11:51 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>> 
>>>> Oops, I take this back. The CSR needs more update.
>>>> 
>>>> Sorry if you have already start reading it.
>>>> 
>>>> Thanks
>>>> Max
>>>> 
>>>> 
>>>>> On Nov 7, 2018, at 9:27 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>> 
>>>>> After some discussion, we decided to cover -keysize and -sigalg in this deprecation process too.
>>>>> 
>>>>> Please review the updated CSR at
>>>>> 
>>>>>  https://bugs.openjdk.java.net/browse/JDK-8212111
>>>>> 
>>>>> No webrev available yet.
>>>>> 
>>>>> Thanks
>>>>> Max
>>>>> 
>>>>> 
>>>>>> On Oct 18, 2018, at 10:34 AM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>>> 
>>>>>> Please review the code change and CSR for
>>>>>> 
>>>>>> JBS: https://bugs.openjdk.java.net/browse/JDK-8212003
>>>>>> 
>>>>>> at
>>>>>> 
>>>>>> webrev: http://cr.openjdk.java.net/~weijun/8212003/webrev.00/
>>>>>> CSR: https://bugs.openjdk.java.net/browse/JDK-8212111
>>>>>> 
>>>>>> When -keyalg is not provided for -genkeypair or -genseckey, keytool will print out a warning. We plan to make this an error in a future release.
>>>>>> 
>>>>>> A new regression test ObsoleteKeyalg.java added. "-keyalg DSA" or "-keyalg DES" added to other tests.
>>>>>> 
>>>>>> A Mach5 job on tier1 and tier2 running now.
>>>>>> 
>>>>>> Thanks
>>>>>> Max
>>>>>> 
>>>>> 
>>>> 
>

More information about the security-dev mailing list