RFR: 8301154: SunPKCS11 KeyStore deleteEntry results in dangling PrivateKey entries
Valerie Peng
valeriep at openjdk.org
Mon May 8 18:50:25 UTC 2023
On Fri, 5 May 2023 22:59:06 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Hmm, I think the rest of chain should still be checked and removed if no dependents for them.
>
> Of course, I was only talking about the final return value.
>
> And, I take back my words. This method should return true no matter what `destroyIt` is. The return value is only used in `deleteEntry` and it should be true even if the.cert is used elsewhere.
Yes, I also think that true should be returned regardless of the destroyIt value.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13743#discussion_r1187775836
More information about the security-dev
mailing list