On Fri, 14 Jan 2022 18:42:08 GMT, Michael McMahon <micha...@openjdk.org> wrote:
>> src/java.security.jgss/share/classes/module-info.java line 36: >> >>> 34: module java.security.jgss { >>> 35: requires java.naming; >>> 36: requires java.security.sasl; >> >> Someone from security-dev should probably review this and validate that this >> is OK. I'm also a bit uncomfortable that we require a class from >> `com.sun.jndi.ldap.sasl` even though `java.naming` is already required by >> `java.security.jgss` - so maybe this is OK. > > Yes. I would like the security team to validate this. I suggest moving the `TlsChannelBinding` class into `java.base/sun.security.util` since it's not only used by LDAP anymore. You might need to modify the types of exceptions thrown in the class and move the 2 final strings to some other class inside `java.security.sasl`. ------------- PR: https://git.openjdk.java.net/jdk/pull/7065