Should deprecated classes CertException, CertParseError be marked forRemoval=true?
Sean Mullan
sean.mullan at oracle.com
Mon Apr 24 17:39:25 UTC 2023
I think these classes can be simply removed. These are internal classes
which are not supported externally and strongly encapsulated by default.
This is an internal class so it does not have to go through a
"forRemoval" process before it is removed.
For my comment below, I was probably being overcareful, as
the sun.security.x509 classes have been in the JDK for a long time, and
there may have been some external usages (even though not supported).
But applications have had plenty of warnings by now not to use these
internal APIs.
So I think it is safe to remove these now. It should not require a CSR.
--Sean
On 4/21/23 5:59 PM, Eirik Bjørsnøs wrote:
> Hi,
>
> JDK-8157707 [1] deprecated the java.security.Certificate API. In a
> comment in that issue, Sean writes:
>
> As part of this change, the internal classes
> sun.security.x509.CertException and sun.security.x509.CertParseError
> should be marked for removal (they are already deprecated) and
> removed when java.security.Certificate is removed.
>
>
> I see that neither sun.security.x509.CertException
> nor sun.security.x509.CertParseError are marked forRemoval today.
>
> Was this an oversight? Should we fix it? Would be strange to
> remove java.security.Certificate but leave these two, right?
>
> I'm happy to do a PR and also CSR if that's required for these internal
> classes.
>
> Thanks,
> Eirik.
>
> [1] https://bugs.openjdk.org/browse/JDK-8157707
> <https://bugs.openjdk.org/browse/JDK-8157707>
>
More information about the security-dev
mailing list