On 11/26/18 8:32 PM, Weijun Wang wrote:
Ping

I made a few tweaks to the title and wording.


On Nov 15, 2018, at 9:24 AM, Weijun Wang <weijun.w...@oracle.com> wrote:



On Nov 15, 2018, at 3:53 AM, Adam Petcher <adam.petc...@oracle.com> wrote:

This looks good to me, though I made a couple of trivial editorial changes. 
It's fine as is, but you may want to consider using secp384r1 instead of 
brainpool256r1 in your example. I worry that people will experiment with the 
new feature using your example, and then we'll get bug tickets because the 
resulting keystore doesn't work with TLS.

This is exactly the advice I need from an expert.

However, secp384r1 is already the default choice for `-keysize 384`. Do you 
have another recommendation that has to be set with `-groupname`?

I think it is ok to use secp384r1 in the release note even though it is the default for -keysize 384.

BTW, did you also file a docs issue to update the keytool docs with the new -groupname option?

--Sean


Thanks
Max


On 11/13/2018 7:56 PM, Weijun Wang wrote:
Thanks. Please also take a look at the release note at 
https://bugs.openjdk.java.net/browse/JDK-8213821.

--Max

On Nov 13, 2018, at 11:02 PM, Adam Petcher <adam.petc...@oracle.com> wrote:

This change looks good to me. Thanks.



Reply via email to