On Mon, 27 Sep 2021 01:28:29 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> This code change removes weak etypes from the default list so it's safer to >> enable one of them. See the corresponding CSR at >> https://bugs.openjdk.java.net/browse/JDK-8274207 for more explanation. BTW, >> please review the CSR as well. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > disable weak checksums as well src/java.security.jgss/share/classes/sun/security/krb5/internal/crypto/EType.java line 57: > 55: private static int[] defaultETypes; > 56: // allow_weak_crypto in krb5.conf > 57: public static boolean allowWeakCrypto; Can you make this package-private instead? I think it is only accessed by `sun.security.krb5.internal.crypto.Cksum`. ------------- PR: https://git.openjdk.java.net/jdk/pull/5654
