RFR 8214024: Remove the default keytool -keyalg value
Sean Mullan
sean.mullan at oracle.com
Mon Nov 4 16:16:33 UTC 2019
On 11/1/19 11:07 PM, Weijun Wang wrote:
> Bug: https://bugs.openjdk.java.net/browse/JDK-8214024
> CSR: https://bugs.openjdk.java.net/browse/JDK-8233427
For the CSR, in the Problem section, you should add a similar
statement/reference about DES being weak as you do for DSA, for example:
https://www.nist.gov/news-events/news/2005/06/nist-withdraws-outdated-data-encryption-standard
and:
https://tools.ietf.org/html/rfc4772
> Webrev: http://cr.openjdk.java.net/~weijun/8214024/webrev.00/
Will look at the code changes later.
--Sean
>
> For most test changes, I simply added a "-keyalg DSA" to preserve the old behavior.
>
> DeprecateKeyAlg.java is renamed to RemoveKeyAlgDefault.java and detection of warnings is changed to that of errors. 3 lines in this test are moved to another test.
>
> Thanks,
> Max
>
More information about the security-dev
mailing list