[11u]: RFR: Backport of 8215694: keytool cannot generate RSASSA-PSS certificates

Hohensee, Paul hohensee at amazon.com
Mon Jul 1 15:36:59 UTC 2019


Yes.  Thanks, Paul.

On 7/1/19, 7:26 AM, "Langer, Christoph" <christoph.langer at sap.com> wrote:

    Hi Paul,
    
    thanks for your review.
    
    > In CertAndKeyGen.java, does generate() need a throws declaration?
    
    It doesn't. IllegalArgumentException is a RuntimeException and as such doesn't need a throws declaration. And InvalidKeyException is obviously not needed and was removed in the original changeset as well.
    
    > Otherwise looks good.
    
    Thanks. I also asked Max Wang to have a look off list and he seems to agree as well.
    
    > We've been talking about backporting patches with CSRs and have done at
    > least one. Imo, 8076190 and 8213400 are good backport candidates since the
    > spec changes are minor.
    
    Yes, a CSR is not necessarily a showstopper for a backport. But as it is not my area of expertise and there's no other reason that makes backports of these bugs important to me, I don't want to take the additional work and responsibility for these backports. But feel free to do this ��
    
    So, I guess I'm good to push this, once approved.
    
    Cheers,
    Christoph
    
    



More information about the security-dev mailing list