<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="zoom: 0%;">
<div dir="auto">Hi.<br>
<br>
<br>
</div>
<div dir="auto">I believe that you should remove deprecated javax api's. By delaying it, you are pushing the problem into 2022.<br>
<br>
<br>
</div>
<div dir="auto">If they are removed now then it will force developers to use the correct crypto api's, rather than using a mixture which is what's currently happening.<br>
<br>
<br>
</div>
<div dir="auto">The compatibility problem for historic code can fixed by an optional 3rd party library/module.<br>
<br>
<br>
</div>
<div dir="auto">Cheers<br>
<br>
<br>
</div>
<div dir="auto">Paul<br>
<br>
<br>
<br>
<br>
</div>
<div class="gmail_quote">On 16 Mar 2020, at 04:32, Xuelei Fan <<a href="mailto:xuelei.fan@oracle.com" target="_blank">xuelei.fan@oracle.com</a>> wrote:
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre class="blue">Hi,<br><br>Thank you all for the review.<br><br>This is a note to cancel this update. During the review, we got <br>concerns about the compatibility impact about the removal of the <br>interface method (SSLSession.getPeerCertificateChain()). Maybe, I <br>should move forward to resolve the concern first, and then come back for <br>the removal in a few years.<br><br>For more details, please refer to the new code review request:<br><a href="https://mail.openjdk.java.net/pipermail/security-dev/2020-March/021421.html">https://mail.openjdk.java.net/pipermail/security-dev/2020-March/021421.html</a><br><br>Thanks & Regards,<br>Xuelei<br><br>On 3/12/2020 10:34 AM, Xuelei Fan wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"> And the release note task:<br> <a href="https://bugs.openjdk.java.net/browse/JDK-8240968">https://bugs.openjdk.java.net/browse/JDK-8240968</a><br> <br> Xuelei<br> <br> On 3/12/2020 9:47 AM, Xuelei Fan wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #ad7fa8; padding-left: 1ex;"> Hi,<br><br> Could I get the following update reviewed?<br><br> CSR: <a href="https://bugs.openjdk.java.net/browse/JDK-8227395">https://bugs.openjdk.java.net/browse/JDK-8227395</a><br> Webrev: <a href="http://cr.openjdk.java.net/~xuelei/8227024/webrev.00">http://cr.openjdk.java.net/~xuelei/8227024/webrev.00</a>/<br><br> The legacy javax.security.cert APIs and the dependent were initially <br> deprecated in Java SE 9 and marked for removal in Java SE 13. <br> Applications should use the java.security.cert APIs for now. This is <br> a request to remove the deprecated javax.security.cert APIs.<br><br> The use of the legacy APIs should be rare now. But please let me know <br> if you have concerns before March 19, 2019.<br><br> Thanks & Regards,<br> Xuelei<br></blockquote></blockquote></pre>
</blockquote>
</div>
</body>
</html>