[1] https://github.com/openjdk/jdk/pull/8211
>
>
> Cheers
> Mat
>
> Sent from Outlook
> From: Wei-Jun Wang
> Sent: Monday, April 11, 2022 3:33 PM
> To: Mat Carter
> Cc: Bernd Eckenfels ; security-dev@openjdk.java.net
>
> Subject: Re: Proposal: Extend
Added a comment and assigned the enhancement to you. Thanks.
--Weijun
> On Apr 11, 2022, at 5:02 PM, Mat Carter wrote:
>
> Thanks, Weijun
>
> Let's move ahead with the two new strings while we consider read-only access.
> As the current assignee can you update the JBS issue [1] with what we'
ific anyway and since we have also a combining
> virtual Keystore, why not allow a new naming scheme which allows to access
> any of the Keystores? like “Windows-ROOT/ADdressbook”?
>
> Gruss
> Bernd
>
> --
> http://bernd.eckenfels.net
> Von: security-dev
Hi Mat,
We have 2 main concerns:
1. In Java's KeyStore a certificate entry is called TrustedCertificateEntry.
The name implies that the certificate is trusted for any purpose. We don't want
some certificates that were not meant to be trusted shown up.
2. PrivateKeyEntry is (IMO) mainly used fo
Hi Daniel,
Yes, http://openjdk.java.net/projects/#project-author page contains a template.
You mainly need to talk about your previous contributions to OpenJDK.
And yes, the Project Lead is Mark Reinhold, mark dot reinhold at oracle dot com.
Good luck!
--Weijun
> On Dec 21, 2021, at 5:29 AM,
> On Dec 20, 2021, at 2:04 PM, Daniel Jeliński wrote:
>
> Hello,
> I fixed a few exception strings that had missing spaces between words;
> the PR can be found here https://github.com/openjdk/jdk/pull/6894.
>
> I could use some assistance with a JBS ticket and reviews here.
>
> On a side note
My understanding is that Java's PKCS12KeyStore will fabricate an alias string
if there is no friendlyName, since every entry inside a KeyStore object must
have an alias. I'll take some look tomorrow.
Thanks,
Max
> On Nov 30, 2021, at 10:01 PM, Michael StJohns wrote:
>
> Hi -
>
> Generically,
> On Nov 24, 2021, at 11:14 AM, Anders Rundgren
> wrote:
>
> Hi List,
>
> Although this bug is for BC, I believe the problem is rather in JDK 17:
> https://github.com/bcgit/bc-java/issues/823#issuecomment-977919380
Can you point out which part in JDK 17 the problem is?
Please note that in J
KrbKdcReq throws the exception on line 55, so it is the previous check
if (isAsReq && !req.reqBody.cname.equals(rep.cname) &&
((!req.reqBody.kdcOptions.get(KDCOptions.CANONICALIZE) &&
req.reqBody.cname.getNameType() !=
PrincipalName.KRB_NT_
I think it's worth backporting to older LTS releases. Will ask sustaining on it.
Thanks,
Weijun
> On Oct 5, 2021, at 2:36 PM, can comert wrote:
>
>
> Is there any backporting for a LTS version planned?
Hi Ning,
Thanks for the report. It is indeed a bug.
I've filed a PR at https://github.com/openjdk/jdk/pull/5706.
Best wishes,
Weijun
> On Sep 26, 2021, at 1:22 AM, Zhang, Ning wrote:
>
> Here is the test program for demonstrating the issue. Thanks.
>
> /*
> * This java program demonstrates t
5:34 PM, Horváth Péter Gergely
> wrote:
>
> OK, I think we can agree on that. Please add the changes of KeyTab.java: it
> should be helpful in future releases.
>
> Thanks,
> Peter
>
> On Wed, Aug 18, 2021, 23:06 Wei-Jun Wang, wrote:
> I think the new message in Key
that.
> Please take a look and let me know what you think.
>
> Thanks,
> Peter
>
>
>
>
> Wei-Jun Wang ezt írta (időpont: 2021. aug. 17., K,
> 23:33):
> How do you think if we add some debug info at the internal KeyTab creation at
> [1]?
>
> For the 2 ex
How do you think if we add some debug info at the internal KeyTab creation at
[1]?
For the 2 exceptions we can print out a line and the exception.toString(), then
you will know if the filename doesn’t exist, or is a directory, or no
permission to read.
Of course, you will need to turn on -Dsun
Hi Michael,
I’m not sure what exact problem you ran into, but looking at the implementation
of PKCS12KeyStore at [1] the friendly name is hardcoded to be encoded in
BMPString:
bagAttr1.putOID(PKCS9FriendlyName_OID);
DerOutputStream bagAttrContent1 = new DerOutputStream()
> On Jun 29, 2021, at 3:08 AM, Jaikiran Pai wrote:
>
>
> On 29/06/21 12:34 pm, Jaikiran Pai wrote:
>>
>>
>>
>> > Out of all these 4 points, I think if point number 2 can be addressed such
>> > that it just prints only once the warning for each caller class, then the
>> > issue noted by u
> On May 3, 2021, at 1:16 PM, Jean-Yves Cronier wrote:
>
> Following the advice of Wei-Jun Wang, I share/forward to this mailing-list,
> details of a problem that I encounter on MacOS.
>
> At the moment, I don't know how to modify the existing code so that the Apple
https://bugs.openjdk.java.net/browse/JDK-8261472 filed.
Thanks,
Max
> On Feb 9, 2021, at 12:12 PM, Anders Rundgren
> wrote:
>
> Since the JDK bug report tool does not include "keytool" I posted this here.
> I believe I saw this a decade ago but it still looks like a bug, albeit a
> very minor
Thanks. I also noticed ‘openssl x509’ has a -force_pubkey for this case. We’ll
think about what is the best we can do.
—Max
> On Feb 1, 2021, at 11:23 AM, Anders Rundgren
> wrote:
>
> On 2021-02-01 16:01, Wei-Jun Wang wrote:
>>> On Feb 1, 2021, at 2:32 AM, Anders
> On Feb 1, 2021, at 2:32 AM, Anders Rundgren
> wrote:
>
> On 2021-01-31 20:00, Wei-Jun Wang wrote:
>> https://bugs.openjdk.java.net/browse/JDK-8260693 filed.
>
> Thanx!
> In the bug report you also write:
>
>We'll also need a way to generat
https://bugs.openjdk.java.net/browse/JDK-8260693 filed.
Thanks,
Max
> On Jan 31, 2021, at 2:12 AM, Anders Rundgren
> wrote:
>
> Since the JDK bug report tool does not include "keytool" I posted this here.
>
> Keytool for JDK 15 reports "Subject Public Key Algorithm: XDH key of unknown
> size
The interop test is bi-directional. The new JDK needs to understand what older
JDKs produce, vice versa. Therefore it must launch those older JDKs.
Thanks
Max
在 Jul 16, 2012,10:22 PM,Sean Mullan 写道:
> Hi Max,
>
> The fix looks fine, but I am wondering if it is appropriate to require that
>
22 matches
Mail list logo
