RFR: 8349583: Add mechanism to disable signature schemes based on their TLS scope [v3]
Artur Barashev
abarashev at openjdk.org
Mon Feb 24 18:24:53 UTC 2025
On Sun, 23 Feb 2025 02:27:28 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Fix typo in java.security documentation
>
> src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java line 220:
>
>> 218:
>> 219: // Checks if algorithm is disabled for the given TLS scopes.
>> 220: public boolean permits(String algorithm, Set<String> scopes) {
>
> Is there a reason you decided to have the caller make it into a `Set<String>` instead of passing SSLCryptoScope down?
We can't introduce new public API with this change, `SSLCryptoScope` isn't public.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23681#discussion_r1968193888
More information about the security-dev
mailing list