Looks fine to me.
Just a trivial format comment. Some use link for "RFC 2253", some do
not. It's OK. And it's good as well if you want to use a uniform style.
Xuelei
On 8/21/2020 9:24 AM, Sean Mullan wrote:
Ping ...
On 8/7/20 10:01 AM, Sean Mullan wrote:
Please review this change to deprecate the following APIs:
java.security.cert.X509Certificate.getIssuerDN()
java.security.cert.X509Certificate.getSubjectDN()
java.security.cert.X509CRL.getIssuerDN()
java.security.cert.X509CertSelector.setIssuer(String)
java.security.cert.X509CertSelector.setSubject(String)
java.security.cert.X509CertSelector.getIssuerAsString()
java.security.cert.X509CertSelector.getSubjectAsString()
java.security.cert.X509CRLSelector.addIssuerName(String)
These APIs either take or return Distinguished Names as Principal or
String objects which can cause issues due to loss of encoding
information or differences when comparing names across different
Principal implementations. All of them have alternative APIs which use
X500Principal objects instead. They have long had warnings in the
javadoc and have been discouraged from being used. There are no plans
to remove the APIs at this time, as they have been in the platform for
a long time and removing them would be a much higher compatibility risk.
webrev: https://cr.openjdk.java.net/~mullan/webrevs/8241003/webrev.00/
CSR: https://bugs.openjdk.java.net/browse/JDK-8250970
bug: https://bugs.openjdk.java.net/browse/JDK-8241003
--Sean