On Wed, 7 Feb 2024 15:27:46 GMT, Prajwal Kumaraswamy <[email protected]>
wrote:
>> src/java.base/share/classes/sun/security/ssl/X509Authentication.java line
>> 205:
>>
>>> 203: X509ExtendedKeyManager km = chc.sslContext.getX509KeyManager();
>>> 204: if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
>>> 205: SSLLogger.finest("X509ExtendedKeyManager being used: " +
>>
>> Could the JBS title be made more descriptive ? It's quite vague.
>>
>> I wonder if "X509KeyManager class: " would be better for displaying.
>>
>> `createServerPossession` would also benefit from this logging enhancement. I
>> wonder if this belongs in logging during SSLContext creation time instead.
>> Other security-dev engineers may have opinion on that.
>>
>> IIRC, there's another issue open where we iterate over the certificate
>> contexts of custom tm/km types. The JDK src does it at the moment for the
>> default tm/km but no output given for custom impl. Will be good to have that
>> tied up at some stage also.
>
> I have changed the title to reflect the specific change made here.
> I'll make changes in createServerPossession as well.
I have made changes and attached the testing snapshots in a zip file attached
in bug description
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17742#discussion_r1482639556
