RFR JDK-8241039, Retire the deprecated SSLSession.getPeerCertificateChain() method
Sean Mullan
sean.mullan at oracle.com
Mon Mar 16 12:18:38 UTC 2020
302 throw new UnsupportedOperationException(
303 "This method has retired, pleaase use the " +
304 "getPeerCertificates() method instead.");
Not sure the word "retired" is the correct term here. It is unusual to
see that term with respect to APIs. I would use the common terms
associated with deprecated methods. How about:
throw new UnsupportedOperationException(
"This method is deprecated and marked for removal. Use the " +
"getPeerCertificates() method instead.");
--Sean
On 3/16/20 12:25 AM, Xuelei Fan wrote:
> Hi,
>
> Could I get the following update reviewed?
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8241039
> CSR: https://bugs.openjdk.java.net/browse/JDK-8241047
> webrev: http://cr.openjdk.java.net/~xuelei/8241039/webrev.00/
>
> In a preview review thread,
>
> https://mail.openjdk.java.net/pipermail/security-dev/2020-March/021401.html
>
> I requested to remove the deprecated javax.security.cert APIs in JDK 15.
> Be part of the removal, the deprecated interface method
> javax.net.ssl.SSLSession.getPeerCertificateChain() is also involved.
>
> As SSLSession.getPeerCertificateChain() is an interface method, third
> party's implementation must override this method. If it is removed,
> there are compiler errors unless the override implementation get removed
> in third party's source code.
>
> Maybe, we could retire SSLSession.getPeerCertificateChain() first, and
> then come back to remove the deprecated javax.security.cert package in a
> few years.
>
> In this update, I'm trying to change
> SSLSession.getPeerCertificateChain() to default method , throwing
> exception in the default implementation, and removing the real
> implementation in the SunJSSE provider and related code (Httpclient).
>
> Thanks,
> Xuelei
More information about the security-dev
mailing list