Looks fine.
Not as part of this fix, but as a future perf. improvement we should
intern (see X509Factory.intern) the X509CertImpl objects that are
created from the contents of the OCSP response, so that they are put in
the certificate memory cache. If the same OCSP responder is used
frequentl
Thanks for your reviews. I’ve made a minor change to include a message in
the CPVE, as suggested by Max.
% hg diff OCSPResponse.java
diff --git a/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
b/src/share/classes/sun/security/provider/certpath/OCSPResponse.java
--- a/src/share
It looks good. Would you like to add a string message?
Thanks
Max
On 12/10/13, 9:47, Jason Uh wrote:
Hi Vinnie,
The change looks good to me.
Jason
(Not an official Reviewer)
On 12/9/13 3:25 PM, Vincent Ryan wrote:
Please review this fix to the OCSPResponse class in the internal
sun.securit
Hi Vinnie,
The change looks good to me.
Jason
(Not an official Reviewer)
On 12/9/13 3:25 PM, Vincent Ryan wrote:
Please review this fix to the OCSPResponse class in the internal
sun.security.provider.certpath package. Previously, when validating
an OCSP response, it expected the supplied issu
Looks fine to me.
Xuelei
On 12/10/2013 7:25 AM, Vincent Ryan wrote:
>
> Please review this fix to the OCSPResponse class in the internal
> sun.security.provider.certpath package. Previously, when validating
> an OCSP response, it expected the supplied issuer and/or trusted
> responder X509 certs
Please review this fix to the OCSPResponse class in the internal
sun.security.provider.certpath package. Previously, when validating
an OCSP response, it expected the supplied issuer and/or trusted
responder X509 certs to already be in an internal format used by
the package. Now it accepts certs
