RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs [v4]
Mark Powers
mpowers at openjdk.org
Tue Sep 3 19:09:24 UTC 2024
On Tue, 3 Sep 2024 17:41:24 GMT, Rajan Halade <rhalade at openjdk.org> wrote:
>> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>>
>> beware moving lines around
>
> test/jdk/sun/security/ssl/X509TrustManagerImpl/Entrust/Distrust.java line 141:
>
>> 139: // expired TLS certificates should not be treated as failure
>> 140: if (expired(ce)) {
>> 141: System.err.println("Test is N/A, chain is expired");
>
> Should this be updated to throw SkippedException so we know that certificates are expired?
The comment indicates this is normal and not deserving of an exception to grab someone's attention. Sean might think otherwise.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20731#discussion_r1742542346
More information about the security-dev
mailing list