RFR: 8311596: Add separate system properties for TLS server and client for maximum chain length [v4]
Hai-May Chao
hchao at openjdk.org
Fri Oct 13 19:33:10 UTC 2023
On Fri, 13 Oct 2023 18:02:34 GMT, Mark Powers <mpowers at openjdk.org> wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Change made to configure max allowed cert chain lengths based on updated CSR
>
> src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 117:
>
>> 115: static final int maxClientCertificateChainLength;
>> 116:
>> 117: // Limit the maximum certificate chain length accepted from servers
>
> I would drop "maximum" and just say "Limit the certificate chain length accepted from servers". It's not worth making this change unless you have to make another change to this file.
ok
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15163#discussion_r1358734306
More information about the security-dev
mailing list