Uploaded image for project: 'CCC Migration Project'
  1. CCC Migration Project
  2. CCC-8173827

Remove forRemoval=true from several deprecated security APIs

    XMLWordPrintable

Details

    • minimal
    • Java API
    • SE

    Description

      Summary

      Remove the "forRemoval=true" element from the Deprecated annotation of several deprecated security APIs.

      Problem

      Several deprecated security APIs have been marked with forRemoval=true to indicate they will be removed in a future release of Java SE. However, it has since been reported that some external applications/code are still using some of these APIs, and there is concern that there may not be enough advance notice to adapt their code to transition away from these legacy APIs and/or replace them with newer APIs before they would be removed.

      In particular, one of the dependencies is in a standard EE API which would require a specification change: https://java.net/jira/browse/EJB_SPEC-130.

      We still believe that these APIs should eventually be removed from SE, but we need to make sure these projects and the EE community is prepared for it.

      Solution

      Remove the "forRemoval=true" element from the Deprecated annotation of the affected APIs.

      Specification

      1. Remove "forRemoval=true" from the Deprecated annotation on the following classes:

        java.security.Certificate java.security.Identity java.security.IdentityScope java.security.Signer java.security.acl.Acl java.security.acl.AclEntry java.security.acl.AclNotFoundException java.security.acl.Group java.security.acl.LastOwnerException java.security.acl.NotOwnerException java.security.acl.Owner java.security.acl.Permission javax.security.auth.Policy javax.security.cert.Certificate javax.security.cert.CertificateEncodingException javax.security.cert.CertificateException javax.security.cert.CertificateExpiredException javax.security.cert.CertificateNotYetValidException javax.security.cert.CertificateParsingException javax.security.cert.X509Certificate com.sun.net.ssl.HostnameVerifier com.sun.net.ssl.HttpsURLConnection com.sun.net.ssl.KeyManager com.sun.net.ssl.KeyManagerFactory com.sun.net.ssl.KeyManagerFactorySpi com.sun.net.ssl.SSLContext com.sun.net.ssl.SSLContextSpi com.sun.net.ssl.SSLPermission com.sun.net.ssl.TrustManager com.sun.net.ssl.TrustManagerFactory com.sun.net.ssl.TrustManagerFactorySpi com.sun.net.ssl.X509KeyManager com.sun.net.ssl.X509TrustManager com.sun.net.ssl.internal.ssl.Provider com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager com.sun.net.ssl.internal.www.protocol.https.DelegateHttpsURLConnection com.sun.net.ssl.internal.www.protocol.https.Handler com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl

      2. Remove "forRemoval=true" from the Deprecated annotation on the following methods:

        javax.net.ssl.HandshakeCompletedEvent.getPeerCertificateChain javax.net.ssl.SSLSession.getPeerCertificateChain

      Attachments

        Issue Links

          csr for

          Bug - A problem which impairs or prevents the functions of the product. JDK-8173827 Remove forRemoval=true from several deprecated security APIs

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              mullan Sean Mullan
              mullan Sean Mullan
              Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: