RFR: 8179502: Enhance OCSP, CRL and Certificate Fetch Timeouts [v2]

Jamil Nimeh jnimeh at openjdk.org
Mon May 22 17:30:50 UTC 2023


On Tue, 9 May 2023 14:59:36 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Add 's' suffix to allowed syntax
>
> I think you should also apply the cert and CRL timeouts to the `LDAPCertStore` implementation, using the JNDI properties: `com.sun.jndi.ldap.connect.timeout` and `com.sun.jndi.ldap.read.timeout`.

@seanjmullan if you have a chance would you mind taking a quick look at the release note for this change? (https://bugs.openjdk.org/browse/JDK-8308582)
It is pretty close to the CSR solution text, but I tried to trim it down a little.  It's still pretty long, but there's a lot to convey.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/13762#issuecomment-1557618613


More information about the security-dev mailing list