RFR 8210821: Support dns_canonicalize_hostname in krb5.conf

Roger Riggs Roger.Riggs at oracle.com
Mon Oct 8 18:19:37 UTC 2018 

Hi Max,

The release note is fine though it would more complete if it contained a 
link
to the krb5_conf.html where the behavior is described.

The original issue https://bugs.openjdk.java.net/browse/JDK-8210821
describes the behavior if set to 'false', while the release note is 
written describing if it
is set to 'true'.  Updating the original issue description to be from 
the same point (true)
of view might reduce any possible confusion about the behavior.

Thanks, Roger


On 10/08/2018 04:11 AM, Weijun Wang wrote:
> And please also review the release note at
>
>     https://bugs.openjdk.java.net/browse/JDK-8211380
>
> The text is copied below:
>
> Supports the `dns_canonicalize_hostname` setting in krb5.conf. When set to true, a short hostname in a service principal name will be canonicalized to a FQDN if available. Otherwise, no canonicalization is performed. The default value is true. This is also the behvaior before JDK 12.
>
> Thanks
> Max
>
>
>> On Sep 29, 2018, at 8:15 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>>
>>
>> Sure, I like the new simplified result.
>>
>> Changes look fine,
>>
>> Valerie
>>
>>
>> On 9/26/2018 7:09 PM, Weijun Wang wrote:
>>> Webrev updated at https://cr.openjdk.java.net/~weijun/8210821/webrev.01.
>>>
>>>> On Sep 26, 2018, at 11:57 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>>>>
>>>> Hi Valerie
>>>>
>>>> I've updated the CSR to remove the "always canonicalize" choice and now the default is "true", i.e. the current "smart-canonicalization" behavior. It's 12am here and I'll update the webrev tomorrow.
>>>>
>>>> Thanks
>>>> Max
>>>>
>>>>> On Sep 18, 2018, at 8:52 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>>>>>
>>>>> Look fine to me. Added myself to CSR as reviewer.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Valerie
>>>>>
>>>>>
>>>>> On 9/17/2018 1:17 AM, Weijun Wang wrote:
>>>>>> Please review the code change and CSR at
>>>>>>
>>>>>>    http://cr.openjdk.java.net/~weijun/8210821/webrev.00/
>>>>>>    https://bugs.openjdk.java.net/browse/JDK-8210822
>>>>>>
>>>>>> Thanks
>>>>>> Max
>>>>>>

-- 
Thanks, Roger

More information about the security-dev mailing list