Re: [14] RFR 8162628: Migrate cacerts keystore from JKS

On 8/14/19 10:07 AM, Weijun Wang wrote: The difference will be big. I've simplified the logic into 1. read bytes between first ": " and \r\n as alias 2. read bytes between first \r\n after first "-" and next "-" as a cert 3. goto 1 And I only store the cert bytes and do not create a Certificate

Re: [14] RFR 8162628: Migrate cacerts keystore from JKS

> On Aug 22, 2019, at 10:40 PM, Sean Mullan wrote: > > On 8/14/19 10:07 AM, Weijun Wang wrote: >> The difference will be big. I've simplified the logic into >> 1. read bytes between first ": " and \r\n as alias >> 2. read bytes between first \r\n after first "-" and next "-" as a cert >> 3. go

Re: [RFR] JDK-8225436 : Stapled OCSPResponses should be added to PKIXRevocationChecker irrespective of revocationEnabled flag

On 8/20/19 12:14 PM, Jamil Nimeh wrote: Thanks for the review, Sean.  I've made a couple changes based on your recommendations.  I don't create a mutable ArrayList any longer in the case where we're making a new PKIXRevocationChecker.  In that one case I just directly add it to the PKIXBuilderP

Re: [RFR] JDK-8225436 : Stapled OCSPResponses should be added to PKIXRevocationChecker irrespective of revocationEnabled flag

Oops, missed that one.  Good catch. --Jamil On 8/22/19 1:14 PM, Sean Mullan wrote: On 8/20/19 12:14 PM, Jamil Nimeh wrote: Thanks for the review, Sean.  I've made a couple changes based on your recommendations.  I don't create a mutable ArrayList any longer in the case where we're making a ne

Re: Serialzation PREVIOUSLY: RFR: 8229773: Resolve permissions for code source URLs lazily

Hi Sean, Regarding the section entitled "Why not write a new serialization library?", unlike the serialization libraries listed, our purpose was to be able to securely deserialize untrusted data, while maintaining backward serial form compatibility with Java Serialization, provided it didn't

Re: Serialzation PREVIOUSLY: RFR: 8229773: Resolve permissions for code source URLs lazily

"...since at the time the industry believed that distributed objects were going to save us from complexity.) Many of the sins of serialization were committed in the desire to get that last .1%, but the cost and benefit of that last .1% are woefully out of balance." The following are probably a

Re: Serialzation PREVIOUSLY: RFR: 8229773: Resolve permissions for code source URLs lazily

I probably should have vetted this before hitting send... let me know if you need any clarifications. Cheers, Peter. On 23/08/2019 12:59 PM, Peter Firmstone wrote: "...since at the time the industry believed that distributed objects were going to save us from complexity.) Many of the sins of