RFR: 8277246: No need to check about KeyUsage when validating a TSA certificate

Weijun Wang weijun at openjdk.java.net
Tue Nov 16 19:43:49 UTC 2021


There is no need to check for the KeyUsage extension when validating a TSA certificate.

A test is modified where a TSA cert has a KeyUsage but without the DigitalSignature bit.

-------------

Commit messages:
 - 8277246: No need to check about KeyUsage when validating a TSA certificate

Changes: https://git.openjdk.java.net/jdk/pull/6416/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6416&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8277246
  Stats: 7 lines in 2 files changed: 0 ins; 6 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6416.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6416/head:pull/6416

PR: https://git.openjdk.java.net/jdk/pull/6416


More information about the security-dev mailing list