CSR Review Request, JDK-8160247 Mark deprecated javax.security.cert APIs with forRemoval=true
Sean Mullan
sean.mullan at oracle.com
Mon Feb 25 21:23:19 UTC 2019
The diffs seem out of date. The @Deprecated annotations already have
@since="9".
There are a few JSSE APIs that reference these deprecated APIs that
should also be marked forRemoval and included in the CSR:
HandshakeCompletedEvent.getPeerCertificateChain()
SSLSession.getPeerCertificateChain()
(I think those are the only ones, but please double-check for others).
--Sean
On 2/20/19 2:38 PM, Xuelei Fan wrote:
> Hi,
>
> Could I get the CSR reviewed:
> https://bugs.openjdk.java.net/browse/JDK-8219472
>
> The javax.security.cert APIs were deprecated in 1.9 but have had the
> following warning (since 1.4.2) in the description of each class:
>
> Note: The classes in the package javax.security.cert exist for
> compatibility with earlier versions of the Java Secure Sockets
> Extension (JSSE). New applications should instead use the standard
> Java SE certificate classes located in java.security.cert.
>
> Since these earlier versions of JSSE are no longer maintained or
> supported, they should be removed in a future release.
>
> This proposal will add forRemoval=true to the deprecated
> javax.security.cert APIs.
>
> Thanks,
> Xuelei
More information about the security-dev
mailing list