Re: Canonical/portable way to obtain long term key for a GSS security context (acceptor side)

True, and in fact that is what I am going to do for now: same principal, same etype, trying to get the KeyTab object from the Subject's private creds, but still it loads more keys than necessary and and will incur unnecessary signature calculations. Thank your for your consideration. On 2024-

Integrated: 8331864: Update Public Suffix List to 1cbd6e7

On Tue, 7 May 2024 17:08:46 GMT, Weijun Wang wrote: > Update PSL to the latest upstream version. This pull request has now been integrated. Changeset: b9108334 Author:Weijun Wang URL: https://git.openjdk.org/jdk/commit/b91083341aba952befadd79020079920f9540999 Stats: 568 lines in

Re: RFR: 8331864: Update Public Suffix List to 1cbd6e7

On Tue, 7 May 2024 17:08:46 GMT, Weijun Wang wrote: > Update PSL to the latest upstream version. Marked as reviewed by mullan (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/19127#pullrequestreview-2044368753

Re: RFR: 8330205: Initial troff manpage generation for JDK 24

On Tue, 7 May 2024 11:53:19 GMT, Pavel Rappo wrote: > Please review this mechanical change to man pages. This PR should be > integrated after https://github.com/openjdk/jdk/pull/18787. Marked as reviewed by jjg (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/19119#pullre

Re: Potential issues with javax.crypto under StructuredTaskScope/JDK22

Thanks for this great suggestion. The answers are the same, so it looks like my original premise is incorrect, and there are no issues with javax.crypto classes running in JDK22 on virtual threads. The remaining possibility is that the AWS client JAR, which is a thin layer atop a REST API backe

Re: RFR: 8330205: Initial troff manpage generation for JDK 24

On Tue, 7 May 2024 11:53:19 GMT, Pavel Rappo wrote: > Please review this mechanical change to man pages. This PR should be > integrated after https://github.com/openjdk/jdk/pull/18787. Thanks for reviewing it Joe, I'm now delegating integration of this PR to @JesperIRL, you, or anyone who will

RFR: 8331876: JFR: Move file read and write events to java.base

Hi, Could I have a review of a change that moves the jdk.FileRead and jdk.FileWrite events to java.base to remove the use of the ASM instrumentation. Testing: jdk/jdk/jfr Thanks Erik - Commit messages: - Update comment - Initial Changes: https://git.openjdk.org/jdk/pull/19129/f

Re: RFR: 8330205: Initial troff manpage generation for JDK 24

On Tue, 7 May 2024 11:53:19 GMT, Pavel Rappo wrote: > Please review this mechanical change to man pages. This PR should be > integrated after https://github.com/openjdk/jdk/pull/18787. Marked as reviewed by darcy (Reviewer). > This PR is standalone as opposed to dependent because the #18787 de

New candidate JEP: 478: Key Derivation API (Preview)

https://openjdk.org/jeps/478 Summary: Introduce an API for Key Derivation Functions (KDFs), which are cryptographic algorithms for deriving additional keys from a secret key and other data. This is a preview API. - Mark

RFR: 8331864: Update Public Suffix List to 1cbd6e7

Update PSL to the latest upstream version. - Commit messages: - the change Changes: https://git.openjdk.org/jdk/pull/19127/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19127&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8331864 Stats: 568 lines in 5 files chang

Re: RFR: 8330205: Initial troff manpage generation for JDK 24

On Tue, 7 May 2024 11:53:19 GMT, Pavel Rappo wrote: > Please review this mechanical change to man pages. This PR should be > integrated after https://github.com/openjdk/jdk/pull/18787. This PR is standalone as opposed to dependent because the https://github.com/openjdk/jdk/pull/18787 dependenc

RFR: 8330205: Initial troff manpage generation for JDK 24

Please review this mechanical change to man pages. This PR should be integrated after https://github.com/openjdk/jdk/pull/18787. - Commit messages: - Initial commit Changes: https://git.openjdk.org/jdk/pull/19119/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19119&range=

Re: Add ToolProvider interface implementation keytool

We had a proposal for this at https://bugs.openjdk.org/browse/JDK-6539136 and it's also withdrawn. I've added some comments to it. Keytool is quite different from other tools because it's interactive and involves keystore and passwords. Thanks, Weijun > On May 7, 2024, at 6:16 AM, Wojtek wrote

Re: [Bug] javax.security.auth.kerberos.KeyTab returns unrequested keys

I'm thinking of the opposite. > On May 6, 2024, at 3:59 PM, Osipov, Michael (IN IT IN) > wrote: > > On 2024-05-06 21:55, Wei-Jun Wang wrote: >> Hi Michael, >> Thanks for the report. It seems not conforming to the RFC strictly >> but I hesitate to make a change now. >> The getKeys() method uses

Add ToolProvider interface implementation keytool

Hello, Move to strongly encapsulate JDK internals (i.e. JEP-403 and 396) affected access to generating self-signed certificates. JEP itself states: > Code that uses the sun.security.tools.keytool.CertAndKeyGen class to generate self-signed certificates. There is not yet a standard API for this

Re: [Bug] javax.security.auth.kerberos.KeyTab returns unrequested keys

That be fine. New Java version restores RFC behavior and property can bring back old case-insensitive behavior. Michael On 2024-05-06 22:03, Wei-Jun Wang wrote: I'll probably pick #2 if you also like it. On May 6, 2024, at 3:59 PM, Osipov, Michael (IN IT IN) wrote: On 2024-05-06 21:55, We

Re: Canonical/portable way to obtain long term key for a GSS security context (acceptor side)

On 2024-05-06 21:42, Wei-Jun Wang wrote: On May 6, 2024, at 2:55 PM, Osipov, Michael (IN IT IN) wrote: Hi Weijun, On 2024-05-06 20:51, Wei-Jun Wang wrote: Hi Michael, I see you've just reported a bug on KeyTab. Is that your latest workaround to the request here? That's also the only one