On Fri, 2 Apr 2021 11:52:16 GMT, Weijun Wang wrote:
>>> Maybe we don't need to resolve it in this code change. If we look carefully
>>> at RFC 8410 Sections 10.1 and 10.2, it shows the X25519 certificate in 10.2
>>> is using the signer's SKID in 10.1 as its own SKID and it has no AKID.
>>>
On Fri, 2 Apr 2021 01:40:16 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update with review comments
>
> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1978:
>
>> 1976:
On Fri, 2 Apr 2021 04:03:50 GMT, Xue-Lei Andrew Fan wrote:
>> Maybe we don't need to resolve it in this code change. If we look carefully
>> at RFC 8410 Sections 10.1 and 10.2, it shows the X25519 certificate in 10.2
>> is using the signer's SKID in 10.1 as its own SKID and it has no AKID.
>>
On Fri, 2 Apr 2021 01:56:15 GMT, Weijun Wang wrote:
> Maybe we don't need to resolve it in this code change. If we look carefully
> at RFC 8410 Sections 10.1 and 10.2, it shows the X25519 certificate in 10.2
> is using the signer's SKID in 10.1 as its own SKID and it has no AKID.
> Currently,
On Fri, 2 Apr 2021 01:56:15 GMT, Weijun Wang wrote:
>> Only a few minor comments. Approved.
>
> Maybe we don't need to resolve it in this code change. If we look carefully
> at RFC 8410 Sections 10.1 and 10.2, it shows the X25519 certificate in 10.2
> is using the signer's SKID in 10.1 as its
On Fri, 2 Apr 2021 01:44:03 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update with review comments
>
> Only a few minor comments. Approved.
Maybe we don't need to resolve it in this code
On Thu, 1 Apr 2021 23:36:04 GMT, Hai-May Chao wrote:
>> Please review the changes that adds the -signer option to keytool
>> -genkeypair command. As key agreement algorithms do not have a signing
>> algorithm, the specified signer's private key will be used to sign and
>> generate a key
> Please review the changes that adds the -signer option to keytool -genkeypair
> command. As key agreement algorithms do not have a signing algorithm, the
> specified signer's private key will be used to sign and generate a key
> agreement certificate.
> CSR review is at: