CSR Review Request, JDK-8160247 Mark deprecated javax.security.cert APIs with forRemoval=true
Xuelei Fan
xuelei.fan at oracle.com
Tue Feb 26 03:35:21 UTC 2019
All comments make sense to me. I have updated the CSR accordingly.
Thanks,
Xuelei
On 2/25/2019 1:23 PM, Sean Mullan wrote:
> The diffs seem out of date. The @Deprecated annotations already have
> @since="9".
>
> There are a few JSSE APIs that reference these deprecated APIs that
> should also be marked forRemoval and included in the CSR:
>
> HandshakeCompletedEvent.getPeerCertificateChain()
> SSLSession.getPeerCertificateChain()
>
> (I think those are the only ones, but please double-check for others).
>
> --Sean
>
> On 2/20/19 2:38 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Could I get the CSR reviewed:
>> https://bugs.openjdk.java.net/browse/JDK-8219472
>>
>> The javax.security.cert APIs were deprecated in 1.9 but have had the
>> following warning (since 1.4.2) in the description of each class:
>>
>> Note: The classes in the package javax.security.cert exist for
>> compatibility with earlier versions of the Java Secure Sockets
>> Extension (JSSE). New applications should instead use the standard
>> Java SE certificate classes located in java.security.cert.
>>
>> Since these earlier versions of JSSE are no longer maintained or
>> supported, they should be removed in a future release.
>>
>> This proposal will add forRemoval=true to the deprecated
>> javax.security.cert APIs.
>>
>> Thanks,
>> Xuelei
More information about the security-dev
mailing list