On Thu, 23 Jan 2025 17:56:06 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comments from Sean
>
> test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Camerfirma.java line
> 58:
>
>> 56:
>> 57: public static void main(String[] args) throws Exception {
>> 58: String prop =
>> Security.getProperty("jdk.certpath.disabledAlgorithms");
>
> Can you add a comment here saying that some (all?) of the test certificates
> are signed with SHA-1 so we need to remove the constraint that disallows
> SHA-1 certificates?
fixed
> test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Distrust.java line 1:
>
>> 1: /*
>
> Update copyright date.
oops
> test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/chains/camerfirma/camerfirmachambersca-chain.pem
> line 1:
>
>> 1: -----BEGIN CERTIFICATE-----
>
> Can you put some basic information about the certs at the top of these files,
> such as the Issuer DN, etc? See the entrust pem files for examples.
done
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22985#discussion_r1927630573
PR Review Comment: https://git.openjdk.org/jdk/pull/22985#discussion_r1927631066
PR Review Comment: https://git.openjdk.org/jdk/pull/22985#discussion_r1927630827
