Re: Suggestion needed to port the fix to JDK17 and JDK11S

2025-02-14 Thread Alan Bateman
On 14/02/2025 08:18, Shruthi . wrote: > Hi Alan, Reordering `preClose()` in AIX resolves the customer issue. We have validated the fix, and the customer has confirmed it as well. It may have resolved your customer issue but I'm not yet convinced it's a robust workaround for the AIX issue. Can

Re: RFR: 8347946: Add API note that caller should validate/trust signers to the getCertificates and getCodeSigners methods of JarEntry and JarURLConnection

2025-02-14 Thread Sean Mullan
On Fri, 14 Feb 2025 07:33:58 GMT, Jaikiran Pai wrote: > Hello Sean, given the assertable change to the API documentation of > `java.net.JarURLConnection.getCertificates()`, which now specifies the order > of the returned certificates, would this require a CSR? Yes, I think we should. I'll do t

RE: Suggestion needed to port the fix to JDK17 and JDK11

2025-02-14 Thread Shruthi .
Hi Alan, Reordering preClose() in AIX resolves the customer issue. We have validated the fix, and the customer has confirmed it as well. Thanks Shruthi From: Alan Bateman Sent: Thursday, February 13, 2025 10:20 PM To: Shruthi . ; net-dev@openjdk.org Cc: Syed

Re: RFR: 8347946: Add API note that caller should validate/trust signers to the getCertificates and getCodeSigners methods of JarEntry and JarURLConnection

2025-02-14 Thread Sean Mullan
On Fri, 14 Feb 2025 13:57:12 GMT, Sean Mullan wrote: > > Hello Sean, given the assertable change to the API documentation of > > `java.net.JarURLConnection.getCertificates()`, which now specifies the > > order of the returned certificates, would this require a CSR? > > Yes, I think we should.

Re: RFR: 8347946: Add API note that caller should validate/trust signers to the getCertificates and getCodeSigners methods of JarEntry and JarURLConnection

2025-02-14 Thread Lance Andersen
On Thu, 13 Feb 2025 16:27:03 GMT, Sean Mullan wrote: > This change adds an API note to these methods recommending that the caller > should perform further validation steps on the code signers that signed the > JAR file, such as validating the code signer's certificate chain, and > determining