A possible JEP to replace SecurityManager after JEP 411

Here at Red Hat there have been serious discussions about the impacts of security manager removal on our users, and whether there is an actual value impact, and if so, whether it can be mitigated or reversed somehow. We are interested in exploring whether we can come up with a way in which vendors

Re: Proposal: Extend Windows KeyStore support to include access to the local machine location

Hi Weijun Thank you for the feedback, I'd like to address point 2 first as I think this might also address point 1 >> 2. PrivateKeyEntry is (IMO) mainly used for client auth in TLS. We don't >> want new entries suddenly appear  >> there and automatically chosen by a key manager. >> >> It looks

Re: Proposal: Extend Windows KeyStore support to include access to the local machine location

BTW, since this is Windows specific anyway and since we have also a combining virtual Keystore, why not allow a new naming scheme which allows to access any of the Keystores? like “Windows-ROOT/ADdressbook”? Gruss Bernd -- http://bernd.eckenfels.net Von: securit

Re: RFR: 8284368: Remove finalizer method in jdk.crypto.cryptoki

On Tue, 5 Apr 2022 19:55:55 GMT, Xue-Lei Andrew Fan wrote: > Please review the update to remove finalizer method in the > jdk.crypto.cryptoki module. It is one of the efforts to clean up the use of > finalizer method in JDK. Looks good. Thanks! - Marked as reviewed by valeriep (R

RFR: 8209038: Clarify the javadoc of Cipher.getParameters()

Anyone can help review this javadoc update? The main change is the wording for the method javadoc of Cipher.getParameters()/CipherSpi.engineGetParameters(). The original wording is somewhat restrictive and request is to broaden this to accommodate more scenarios such as when null can be returned

Re: RFR: 8284291: sun/security/krb5/auto/Renew.java fails intermittently on Windows 11

On Tue, 5 Apr 2022 08:23:39 GMT, Andrey Turbanov wrote: >> `Thread.sleep()` seems not very precise on some systems. Update this test to >> check the current time continously. > > 50 repeats. No failures. Thank you! @turbanoff Thanks for the code review. At the same time, I'm still curious why

Re: A possible JEP to replace SecurityManager after JEP 411

Thanks David, I'd certainly support such a proposal and encourage OpenJDK to consider exploring it. Perhaps also consider; no privileges should be granted unless a privileged call is made, this simplifies the the stack walk, such that it's only required when a privileged call is made. With

RFR: 8284415: Collapse identical catch branches in security libs

Let's take advantage of Java 7 language feature - "Catching Multiple Exception Types". It simplifies code. Reduces duplication. Found by IntelliJ IDEA inspection `Identical 'catch' branches in 'try' statement` - Commit messages: - [PATCH] Collapse identical catch branches in securi