CSR Review Request, JDK-8160247 Mark deprecated javax.security.cert APIs with forRemoval=true

Sean Mullan sean.mullan at oracle.com
Mon Feb 25 21:23:19 UTC 2019

The diffs seem out of date. The @Deprecated annotations already have 

There are a few JSSE APIs that reference these deprecated APIs that 
should also be marked forRemoval and included in the CSR:


(I think those are the only ones, but please double-check for others).


On 2/20/19 2:38 PM, Xuelei Fan wrote:
> Hi,
> Could I get the CSR reviewed:
>      https://bugs.openjdk.java.net/browse/JDK-8219472
> The javax.security.cert APIs were deprecated in 1.9 but have had the 
> following warning (since 1.4.2) in the description of each class:
>      Note: The classes in the package javax.security.cert exist for
>      compatibility with earlier versions of the Java Secure Sockets
>      Extension (JSSE). New applications should instead use the standard
>      Java SE certificate classes located in java.security.cert.
> Since these earlier versions of JSSE are no longer maintained or 
> supported, they should be removed in a future release.
> This proposal will add forRemoval=true to the deprecated 
> javax.security.cert APIs.
> Thanks,
> Xuelei

More information about the security-dev mailing list