On 2/14/17 2:33 AM, Bernd Eckenfels wrote:
Hello,
The bug does not explain why. I would understand to completely deny SHA1
(I.e. Unconditionally), but allowing it seems strange, especially
without a justification.
The initial disabling of SHA-1 certificates in JDK 9 is too broad and
affects all certificates. The compatibility risk at this time is too
high to make that change. We are working on an updated plan which will
focus initially on TLS Server certificates. More details will be
provided later.
Thanks,
Sean
Gruss
Bernd
--
http://bernd.eckenfels.net
On Mon, Feb 13, 2017 at 10:57 PM +0100, "Anthony Scarpino"
<[email protected] <mailto:[email protected]>> wrote:
Hi,
I need a quick review on a simple certpath config change.
http://cr.openjdk.java.net/~ascarpino/8174849/webrev/
thanks
Tony
