On Mon, 8 Feb 2021 20:46:41 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> Please review this change to disable XML signatures that use SHA-1 based > digest or signature algorithms. SHA-1 is weak and is not a recommended > algorithm for digital signatures. This will improve out of the box security > by restricting XML signatures that use SHA-1 algorithms. > > CSR: https://bugs.openjdk.java.net/browse/JDK-8261246 > Release Note: https://bugs.openjdk.java.net/browse/JDK-8261364 Marked as reviewed by rhalade (Reviewer). ------------- PR: https://git.openjdk.java.net/jdk/pull/2463