RFR: 8293489: Accept CAs with BasicConstraints without pathLenConstraint
Weijun Wang
weijun at openjdk.org
Wed Sep 7 20:03:40 UTC 2022
On Wed, 7 Sep 2022 18:56:42 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Provide a new test for an old bug fix.
>
> test/jdk/sun/security/ssl/X509TrustManagerImpl/BasicConstraints12.java line 72:
>
>> 70: System.out.println("Calling trustmanager...");
>> 71:
>> 72: tm.checkServerTrusted(chain, "RSA");
>
> Maybe add a comment that any authType works because the EE cert allows all key usages (has no KU ext).
I'll change the key to RSA.
-------------
PR: https://git.openjdk.org/jdk/pull/10203
More information about the security-dev
mailing list