RFR: 8334106: Problemlist CAInterop.java#quovadisrootca1g3 due to JDK-8334105 [v2]
SendaoYan
syan at openjdk.org
Wed Jun 19 16:01:19 UTC 2024
On Fri, 14 Jun 2024 00:58:30 GMT, SendaoYan <syan at openjdk.org> wrote:
>> Thanks for the approved.
>
>> @sendaoYan As a best practice, it would be useful to first understand why the test is not working before putting it on the ProblemList. Depending on the severity of the problem that is not always possible, but it should be the first step in an evaluation in my opinion. Minimally, the referenced issue should have an Assignee so that it is assured someone will look into it. Once an issue is on the ProblemList, it unfortunately doesn't address the underlying issue, and may not get the same attention if some evaluation had been done beforehand. Another suggestion is to ask about it on the OpenJDK security-dev alias, where there are Security Group members who have more experience with these tests and can decide what the best course of action is.
>>
>> The infra tests are not part of any of our CI tiers, so generally there is more time to investigate and figure out what the issue is in tests like this before putting it on the Problem List. Often the certificate tests fail because of an issue on the CA side, which sometimes can be fixed quickly after contacting the CA.
>>
>> In summary, please hold off on adding this test to the ProblemList until we have some time to evaluate the test failure. Thank you.
>
> Got it. Thank you for your detailed explanation.
> If this issue fails cause by CA side or some other reason, and the the failure can fixed quickly, I think we should close these related PRs.
> @sendaoYan Looks like the root cause was fixed by the CA and this PR (and according bug) can be closed now.
Okey.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/19685#issuecomment-2179037838
More information about the security-dev
mailing list