BTW, is there any SHA1 deprecation planned/expected for JNLP code signing?
--
http://bernd.eckenfels.net
-Original Message-
From: "Seán Coffey"
To: "security-dev@openjdk.java.net"
Sent: Mi., 27 Jan. 2016 17:40
Subject: RFR :
When would the TLS protocol changes as defined by RFC 7627 be
committed to JSSE? So far my search has turned up nothing (no open
feature request or bug on OpenJDK, nor anything in web-searches). I
realize the RFC was finalized fairly recent, and the mitigation has
been in JSSE for a while now.
On 01/27/2016 11:43 AM, e...@zusammenkunft.net wrote:
BTW, is there any SHA1 deprecation planned/expected for JNLP code signing?
Yes. We are working on a plan for restricting certificates signed with
SHA-1 and other use cases, but don't have any dates to share yet.
Thanks,
Sean
Changes look fine except for the following nit:
NativePRNG.java: mark all constants final.
Thanks,
Valerie
On 12/1/2015 3:44 PM, Anthony Scarpino wrote:
Hi all,
I'd like a review of this change. It improves nextBytes() performance
by allowing the random buffer to grow and shrink as random
Looks good to me.
--Sean
On 01/26/2016 04:56 AM, Wang Weijun wrote:
Hi All
Please review the patch below. Every change after line 873 is adding
"@SuppressWarnings("deprecation")" to a top-level class that references the
PolicyTool class. I wish they were static inner classes.
We also
Hi,
I'd like to backport this enhancement to JDK 8u. It's been approved via
CCC process already.
The fix differs to that in JDK 9 in that I've chosen not to update the
JDK 9 deprecated ContentSignerParameters interface. That was a request
from Dev engineer.
For jdk8u, the tSAPolicyID