> RSASSA-PSS is currently the only signature algorithm we support that comes > with algorithm parameters. We don't check for those parameters when > validating certificates against supported signature algorithm constraints.
Artur Barashev has updated the pull request incrementally with two additional commits since the last revision: - Cleaner certpath validation solution - Alternative solution for JDK-8367104 ------------- Changes: - all: https://git.openjdk.org/jdk/pull/27146/files - new: https://git.openjdk.org/jdk/pull/27146/files/85a7b6f1..0be01de0 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=27146&range=09 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=27146&range=08-09 Stats: 49 lines in 4 files changed: 6 ins; 34 del; 9 mod Patch: https://git.openjdk.org/jdk/pull/27146.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/27146/head:pull/27146 PR: https://git.openjdk.org/jdk/pull/27146
