Re: RFR[13] JDK-8204203: Many pkcs11 tests failed in Provider initialization, after compiler on Windows changed

Hi Valeria, On 2019/5/1 04:25, Valerie Peng wrote: Looks fine to me. Thanks for your review! With further testing, sun/security/tools/keytool/NssTest.java may fail due to some dependencies are not found. But this failure should not be related to this NSS libs upgrade, because it could also r

RFR 8223063: Support CNG RSA keys

Please take a look at https://cr.openjdk.java.net/~weijun/8223063/webrev.00/ Unfortunately, although the new test I added succeeds on my own machine, the "certutil -importPFX" command inside always fail on Mach5 with Command line: [certutil -f -v -p changeit -user -importpfx MY ks NoRoot

Re: RFR 8215032: Support Kerberos cross-realm referrals (RFC 6806)

Hi Max, Thanks for your feedback. Here it's Webrev.01: * http://cr.openjdk.java.net/~mbalao/webrevs/8215032/8215032.webrev.01/ Webrev.01 includes: * rep.encKDCRepPart.pAData may be null in KrbKdcRep.java (found by Max) * When requesting a TGS, the sname principal name is of type KRB_NT_SRV

Re: RFR[13] JDK-8204203: Many pkcs11 tests failed in Provider initialization, after compiler on Windows changed

Looks fine to me. Just curious, how do we see the changes on the artifactory side? Valerie On 4/23/2019 7:39 PM, sha.ji...@oracle.com wrote: Hi, NSS 3.41 has been approved, so just build this version for windows (with VS2017) and macosx. Webrev: http://cr.openjdk.java.net/~jjiang/8204203/we

Re: RFR: 8222137: Remove T-Systems root CA certificate

Looks good. --Sean On 4/30/19 2:39 PM, Rajan Halade wrote: Please review this fix for removal of T-Systems Deutsche Telekom Root CA 2 certificate. Webrev: http://cr.openjdk.java.net/~rhalade/8222137/webrev.00/ Release note is at - https://bugs.openjdk.java.net/browse/JDK-8223161 Thanks, Raj

RFR: 8222137: Remove T-Systems root CA certificate

Please review this fix for removal of T-Systems Deutsche Telekom Root CA 2 certificate. Webrev: http://cr.openjdk.java.net/~rhalade/8222137/webrev.00/ Release note is at - https://bugs.openjdk.java.net/browse/JDK-8223161 Thanks, Rajan

Re: RFR [backport to jdk and 11u]: 8216577: Add GlobalSign's R6 Root certificate

Thanks Christoph for this. I have pushed fix to jdk/jdk repository. - Rajan On 4/29/19 12:31 AM, Langer, Christoph wrote: Hi, the change to add GlobalSign's R6 Root certificate has only been pushed to jdk12 updates (12.0.1) so far. According to [0], it was an oversight to not have it added

Re: Regarding JDK-8216577: Add GlobalSign's R6 Root certificate

Thanks for clarifying, Henry. Rajan, can you push this to JDK 13 so everything is back in sync? Thanks, Sean On 4/29/19 10:09 PM, Henry Jen wrote: This seems should be pushed into jdk.jdk directly as it’s not a vulnerability issue. There is no doubt now this should be pushed directly as it’s