Hi Eirik,
Thanks for thinking about this issue. First, I agree that some changes
are probably useful, but we probably need to discuss this more, and
maybe try to address the more pressing issues first. Some of my thoughts:
- I don't think the cache should be removed. I think it can improve
p
On Mon, Apr 24, 2023 at 10:28 AM Bernd wrote:
> Not sure what exactly is cached, but for CRL only the latest CRL version
> should be cached and only for its lifetime (refresh time).
>
The current cache is not that sophisticated. It uses the encoded byte array
as a key which maps to the parsed C
behalf of Eirik Bjørsnøs Sent: Monday, April 24, 2023 8:34 AMTo: security-dev@openjdk.org Subject: X509Factory cache control Hi,When reaching out to the BouncyCastle community regarding the deprecated javax.security.cert APIs, I got some interesting feedback from Matti Aarnio of Methics Ltd:Long ago
Hi,
When reaching out to the BouncyCastle community regarding the deprecated
javax.security.cert APIs, I got some interesting feedback from Matti Aarnio
of Methics Ltd:
Long ago we did encounter problems with JRE's X509CertImpl.java class, and
> more so with X509CRLImpl.java. Both have internal
