Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v14]

2024-11-12 Thread Lothar Kimmeringer
On Tue, 12 Nov 2024 20:35:54 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disab

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v13]

2024-11-12 Thread Lothar Kimmeringer
On Tue, 12 Nov 2024 19:11:48 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disab

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v9]

2024-11-09 Thread Lothar Kimmeringer
On Sat, 9 Nov 2024 00:07:07 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disabl

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v9]

2024-11-09 Thread Lothar Kimmeringer
On Sat, 9 Nov 2024 00:07:07 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disabl

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v9]

2024-11-09 Thread Lothar Kimmeringer
On Sat, 9 Nov 2024 00:07:07 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disabl

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v6]

2024-11-08 Thread Lothar Kimmeringer
On Fri, 8 Nov 2024 19:36:34 GMT, Artur Barashev wrote: >> The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to >> disable algorithms that affect both the key exchange and authentication >> parts of a TLS cipher suite. For example, if you add "RSA" to the >> jdk.tls.disabl

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v5]

2024-11-08 Thread Lothar Kimmeringer
On Fri, 8 Nov 2024 14:54:45 GMT, Artur Barashev wrote: > * I think we shouldn't care if someone wants to use other regex syntax > matching, maybe someone will find it useful. We're just not going to document > this to avoid any confusion, most people will just use `*`. `*` isn't valid regex (whic

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v5]

2024-11-08 Thread Lothar Kimmeringer
On 08.11.2024 at 03:15, David Schlosnagle wrote: On Thu, 7 Nov 2024 22:13:04 GMT, Artur Barashev wrote: I've tried to comment on GitHub but the bot that required me to accept the TOS doesn't seem to automatically restore it while stating the opposite in the comment. I don't want to fight t

Re: RFR: 8341964: Add mechanism to disable different parts of TLS cipher suite [v5]

2024-11-08 Thread Lothar Kimmeringer
On Fri, 8 Nov 2024 00:25:12 GMT, David Schlosnagle wrote: >> Artur Barashev has updated the pull request with a new target base due to a >> merge or a rebase. The incremental webrev excludes the unrelated changes >> brought in by the merge/rebase. The pull request contains 25 additional >> com

Re: New candidate JEP: 486: Permanently Disable the Security Manager

2024-09-26 Thread Lothar Kimmeringer
On 26.09.2024 at 13:50, Mark Reinhold wrote: it has rarely been used to secure server-side code, and it is costly to maintain. We're one of these "rare" users and are using SecurityManager to prevent unallowed parts of a server-application from starting sub processes (sm.canExec) and to sh

Re: Private Keys are cached "forever" leading to inop HTTP-TLS-servers

2022-06-21 Thread Lothar Kimmeringer
On 21.06.2022 at 09:32, Andrew Haley wrote: On 6/16/22 21:02, Lothar Kimmeringer wrote: If they are allowed to become unusable (as explained, I see that as something that is to be expected IRL) I don't think they are. There is nothing in PKCS#11 that gives an implementatio

Wrong mailadresses in List-mail-headers in mails from security-dev@

2022-06-16 Thread Lothar Kimmeringer
secdev-only problem, which is the reason why I send it to the list (I don't have that many lists subscribed, so my empirical data is limited ;-) Thanks and cheers, Lothar Kimmeringer

Re: Private Keys are cached "forever" leading to inop HTTP-TLS-servers

2022-06-16 Thread Lothar Kimmeringer
red. If they have to "repair themselves", it's a bug in the HSM's PKCS#11-library and I have to compose yet another bug-report ;-) A change in the TLS-implementation might still be considered (as a feature request that is) to discard the unusable key to keep an application using this buggy library running. Thanks and best regards, Lothar Kimmeringer