RFR: 8308592: Framework for CA interoperability testing [v4]
Sean Mullan
mullan at openjdk.org
Thu Jun 1 20:28:18 UTC 2023
On Thu, 1 Jun 2023 20:09:39 GMT, Rajan Halade <rhalade at openjdk.org> wrote:
>> The new approach uses test URLs directly to verify interoperability with CA infrastructure. This would help us avoid having regular test fixes to update test artifacts as long as CAs keep test domains up to date.
>
> Rajan Halade has updated the pull request incrementally with one additional commit since the last revision:
>
> 8308592: Framework for CA interoperability testing
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java line 28:
> 26: * @param revocationMode revocation checking mode to use
> 27: */
> 28: public CAInterop(String revocationMode){
You could have instead added a static method to `ValidatePathWithURL`.
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java line 33:
> 31: } if ("OCSP".equalsIgnoreCase(revocationMode)) {
> 32: ValidatePathWithURL.enableOCSPOnly();
> 33: }else {
Nit: space after `}`.
test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java line 47:
> 45: * @throws Exception thrown when certificate can't be validated as valid or revoked
> 46: */
> 47: public void validate(String caAlias,
Seems like you could also add this as a static method to `ValidatePathWithURL` and then you don't need this class.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213642143
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213640495
PR Review Comment: https://git.openjdk.org/jdk/pull/14252#discussion_r1213644110
More information about the security-dev
mailing list