RFR 8176536: Backport weak algorithms checking (original) (raw)

Sean Mullan sean.mullan at oracle.com
Fri Mar 17 20:06:39 UTC 2017


Looks good to me. Please also include the recent fix to disable SHA-1 TLS Server certificates in this backport: https://bugs.openjdk.java.net/browse/JDK-8176503

--Sean

On 3/16/17 1:04 AM, Anthony Scarpino wrote:

Hi,

I need a review of this large backport of the weak algorithm checking code to jdk8. In mosts cases the changes are either identical or 95% of what is in jdk9, the below two files deviate the most from jdk9 because of other jdk9 features: src/share/classes/sun/security/ssl/SSLContextImpl.java src/share/classes/sun/security/validator/PKIXValidator.java http://cr.openjdk.java.net/~ascarpino/8176536/webrev/ thanks Tony



More information about the security-dev mailing list