I may be a little bit hesitate to add such words, "highly recommended to
use the latest NSS version ...", in the general TOP doc. There are a
few issues that I wary about:
It is not always expected that all PKCS 11 test should be run on latest
NSS version. Otherwise, there might be compatibility issues that we did
not handle properly. The JDK is expected to work with as much NSS
versions as possible, not just the latest version. It is good to know
which version does not really work because of a specific bug.
The note should be added as close as to the place where the issue
happens, for maintaining and searching. I think the best place could be
the test code where the failure occurs
(test/jdk/sun/security/pkcs11/Secmod/AddTrustedCert.java?).
However, I'm still not sure if we really want this note.
JDK-8231338 is reported with NSS 3.35. Per the comment, the test could
pass with NSS 3.35 on Debian and Ubuntu, and the bug submitter could
pass the test with a proper build of NSS 3.35. And then the bug was
closed as "Cannot Reproduce". I think we are done with the bug. It
might not be necessary to add a note any more.
Just my $.02.
Xuelei
On 9/23/2019 9:06 PM, Jia Huang wrote:
Hi John Jiang,
Thank you for your review.
在 2019年09月23日 20:54, sha.ji...@oracle.com 写道:
In fact, PKCS11 tests have their own doc at:
test/jdk/sun/security/pkcs11/README
I'm afraid most people wouldn't see test/jdk/sun/security/pkcs11/README
at all.
So it makes very little sense to add the notes in it.
I still prefer doc/testing.md.
A reference to test/jdk/sun/security/pkcs11/README had been added in [1].
Thanks a lot.
Best regards,
Jia
[1] http://cr.openjdk.java.net/~jiefu/8231351-huangjia/webrev.01/
