Looks good. --Sean
On 02/16/2016 12:16 AM, Xuelei Fan wrote:
Added a new regression test: http://cr.openjdk.java.net/~xuelei/8139565/webrev.01/ Thanks, Xuelei On 2/15/2016 8:23 AM, Xuelei Fan wrote:Hi, Please review this security crypto constraints update: http://cr.openjdk.java.net/~xuelei/8139565/webrev.00/ This fix updates the java security property, "jdk.certpath.disabledAlgorithms", to restrict the use of certificates with DSA keys less than 1024 bits in certification path processing. Applications can update this restriction in the security property ("jdk.certpath.disabledAlgorithms") and permit smaller key sizes if really needed (for example, "DSA keySize < 768"). Thanks, Xuelei
