RFR 8214024: Remove the default keytool -keyalg value

Sean Mullan sean.mullan at oracle.com
Mon Nov 4 16:16:33 UTC 2019


On 11/1/19 11:07 PM, Weijun Wang wrote:
> Bug: https://bugs.openjdk.java.net/browse/JDK-8214024
> CSR: https://bugs.openjdk.java.net/browse/JDK-8233427

For the CSR, in the Problem section, you should add a similar 
statement/reference about DES being weak as you do for DSA, for example:

https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard

and:

https://tools.ietf.org/html/rfc4772

> Webrev: http://cr.openjdk.java.net/~weijun/8214024/webrev.00/

Will look at the code changes later.

--Sean

> 
> For most test changes, I simply added a "-keyalg DSA" to preserve the old behavior.
> 
> DeprecateKeyAlg.java is renamed to RemoveKeyAlgDefault.java and detection of warnings is changed to that of errors. 3 lines in this test are moved to another test.
> 
> Thanks,
> Max
> 



More information about the security-dev mailing list