RFR 8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one
Sean Mullan
sean.mullan at oracle.com
Wed Apr 1 19:47:36 UTC 2020
On 3/30/20 7:58 PM, Martin Balao wrote:
> Hi,
>
> I'd like to request a review for 8241888 [1].
>
> Webrev.00:
>
> * http://cr.openjdk.java.net/~mbalao/webrevs/8241888/8241888.webrev.00/
* PKIXValidator
65 * System property that if set (or set to "true"), allows trust
anchor
Change this to "System or security property ..."
- Update the copyright date.
* java.security
1308 # X.509 v3 certificates used as Trusted Anchors (to validate signed
code or TLS
s/Trusted/Trust
You should also say that if they include a Key Usage extension, the
keyCertSign bit must be set.
--Sean
>
> CSR (waiting for review): https://bugs.openjdk.java.net/browse/JDK-8241893
>
> I've not included my regression test as it's a trivial change and my
> test is actually testing SecurityProperties -which has already been tested-.
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8241888
>
More information about the security-dev
mailing list