Re: RFR: 8358159: Empty mode/padding in cipher transformations [v5]

On Tue, 10 Jun 2025 08:17:29 GMT, Varada M wrote: >> Varada M has updated the pull request incrementally with one additional >> commit since the last revision: >> >> 8358159: Empty mode/padding in cipher transformations > > Thanks all @varada1110 After checking various javadoc, security docu

Re: RFR: 8357995: Use "stdin.encoding" for reading System.in with InputStreamReader/Scanner [core] [v6]

On Wed, 11 Jun 2025 10:43:47 GMT, Volkan Yazici wrote: >> Passes the `Charset` read from the `stdin.encoding` system property while >> creating `InputStreamReader` or `Scanner` instances for `System.in`. >> >> `stdin.encoding` is a recently added property for Java 25 in >> [JDK-8350703](https:

Integrated: 8349550: Improve SASL random usage

On Wed, 14 May 2025 23:37:09 GMT, Koushik Muthukrishnan Thirupattur wrote: > Check Digest-MD5 utilities SecureRandom Usage and update random usage with > secure random This pull request has now been integrated. Changeset: db7af2b3 Author:Koushik Thirupattur Committer: Sean Mullan URL:

Re: RFR: 8349550: Improve SASL random usage [v4]

On Fri, 30 May 2025 18:19:13 GMT, Koushik Muthukrishnan Thirupattur wrote: >> Check Digest-MD5 utilities SecureRandom Usage and update random usage with >> secure random > > Koushik Muthukrishnan Thirupattur has updated the pull request with a new > target base due to a merge or a rebase. The

Re: RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v8]

> Hi, > > Please find here a PR for the implementation of [JEP 517: HTTP/3 for the HTTP > Client API](https://openjdk.org/jeps/517). > > The CSR can be viewed at [JDK-8350588: Implement JEP 517: HTTP/3 for the HTTP > Client API](https://bugs.openjdk.org/browse/JDK-8350588) > > This JEP propose

Re: RFR: 8349946: Cipher javadoc could describe AEAD reuse better [v2]

> The class documentation in javax.crypto.Cipher could better describe AEAD and > reuse. The current class description example is outdated as GCM encryption > does not allow resets. The doc should state that reset() may not be possible > with some algorithms or providers and that an > InvalidAl

Re: [Bug] NPE thrown from SASL GSSAPI impl on Java 11+ when TLS is used with QOP auth-int against Active Directory

Hi Michael, Please share a working copy of the code to duplicate the failure scenario of NPE related to Connection.java. BTW, I checked the stack trace posted on April 28 it did not clearly show Connection::cleanup got called. Was there something missed? Hi Weibing, apologies, it took me so

Re: RFR: 8314180: Disable XPath in XML Signatures

On Tue, 10 Jun 2025 12:29:24 GMT, Sean Mullan wrote: > The XPath Transform is rarely used, introduces complexity, and is not > recommended by the [XML Signature Best > Practices](https://www.w3.org/TR/xmldsig-bestpractices/) document. > Applications should use the XPath Transform 2.0 Filter in