An update on ecosystem concerns removing javax.security.cert
Eirik Bjørsnøs
eirbjo at gmail.com
Sat Apr 15 14:23:06 UTC 2023
>
> The changes in JDK-8241047 were intended to allow SSLSession
> implementations drop their dependence on
> javax.security.cert.X509Certificate but it may take time if implementations
> are still expecting to be able to compile to a wide range of releases that
> include JDK 14 or older.
JDK-8241047 was indeed a very good move, and seems to be a key enabler for
projects to easily drop their dependencies on javax.security.cert. It is
really unfortunate we missed the train on backporting this to the 11 MR.
I understand the concerns regarding implementations expecting to be able to
compile to a wide range of releases. However, if we indefinitely continue
to meet this expectation, then when can we ever remove anything? Besides
that, BouncyCastle provides an example that it is very possible to move
forward while still compiling to a wide range of releases - it just puts a
burden on projects needing this to maintain a more complex build and
release system.
Cheers,
Eirik.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20230415/c6194ebd/attachment.htm>
More information about the security-dev
mailing list