RFR: 8311596: Add separate system properties for TLS server and client for maximum chain length [v6]

Xue-Lei Andrew Fan xuelei at openjdk.org
Fri Oct 20 17:22:36 UTC 2023


On Wed, 18 Oct 2023 00:25:02 GMT, Hai-May Chao <hchao at openjdk.org> wrote:

>> Please review the enhancement for JDK-8311596 and its CSR JDK-8313236. Thank you.
>
> Hai-May Chao has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains six additional commits since the last revision:
> 
>  - Merge
>  - Override the client/server defaults
>  - Change made to configure max allowed cert chain lengths based on updated CSR
>  - Merge
>  - Set to default if a negative value is set
>  - 8311596: Add separate system properties for TLS server and client for maximum chain length

I was wondering, if it is easier to learn and remember/search by following the naming style "jdk.tls.client.XXX" or "jdk.tls.server.XXX" in SunJSSE provider?

-------------

PR Comment: https://git.openjdk.org/jdk/pull/15163#issuecomment-1773113371


More information about the security-dev mailing list