Hello,
Microsoft just released an Security Advisory, announcing that upcoming Windows
Server Versions will turn on mandatory TLS Channel Binding (and turn off simple
binds with mandatory SASL signing) on LDAP Servers.
They also reminded Administrators to install the KB patch and turn the harden
Thanks for the report. I've filed
https://bugs.openjdk.java.net/browse/JDK-8236145.
--Max
> On Dec 18, 2019, at 7:43 AM, Jiva, Azeem wrote:
>
> Security experts,
> The official Java Security Standard Algorithm Names incorrectly documents
> the Signature.*withECDSAinP1363Format algorithms as
Security experts,
The official Java Security Standard Algorithm Names incorrectly documents the
Signature.*withECDSAinP1363Format algorithms as
SEQUENCE ::= { r INTEGER, s INTEGER }
This is incorrect. The IEEE P1363 Format is defined as concatenating the r and
s values (with no ASN.1 encodin
Hi,
Could I please get a review of this OpenJDK 8u backport of 8233223
which depends on 8u backport of 8232019[1]. The JDK 11u patch did not
apply cleanly for a couple of reasons:
1. 8u still has the binary blob for cacerts (JDK-8193255
notĀ backported, yet). Instead, I've updated to the
Hi,
Could I please get a review of this OpenJDK 8u backport of 8232019. The
JDK 11 patch did not apply cleanly for a couple of reasons:
1. 8u still has the binary blob for cacerts (JDK-8193255 not
backported, yet). Instead, I've updated to the revision in jdk11u,
performed a build
On 12/17/19 3:47 AM, Weijun Wang wrote:
Multiple tests failed after my code change for including the public key into
the encoded EC private key:
https://bugs.openjdk.java.net/browse/JDK-8234465
https://hg.openjdk.java.net/jdk/jdk/rev/066bb54fba95
The reason is that while a newly gene
Hi Tony,
thank you for the clarification.
Btw: If I'm not mistaken, the new System properties for stateless session
resumption are not included in the documentation
https://docs.oracle.com/en/java/javase/13/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-93DEEE16-0B70-40E5-
The changes to the SCTP code seem ok.
-Chris.
> On 17 Dec 2019, at 03:00, Patrick Zhang OS
> wrote:
>
> Thanks Martin.
>
> Hi net-dev, and/or security-dev Reviewers,
>
> Please help review and sponsor this patch if acceptable.
> It does not tend to bring any functionality changes, instead to
Multiple tests failed after my code change for including the public key into
the encoded EC private key:
https://bugs.openjdk.java.net/browse/JDK-8234465
https://hg.openjdk.java.net/jdk/jdk/rev/066bb54fba95
The reason is that while a newly generated ECPrivateKeyImpl (or one decoded
from a
