Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8168880

Document that algorithm restrictions do not apply to trusted anchors

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P4
    • None
    • 8u112, 9
    • docs

    Description

      The algorithm constraint does not apply to root/trusted certificate as the application or customer has made the decision to trust the cert although it is weak or broken.

      Although the cert path definition does not contain the trusted certificate, it is not easy to understand this point for general developers. Better to document explicitly that algorithm restrictions (jdk.certpath.disabledAlgorithms, jdk.jar.disabledAlgorithms) do not apply to trusted certs.

      See the update in JDK-8168822.

      Please update guides for:
      . JSSE Reference Guide (may need a new troubleshooting item).
      . Java PKI Programmer's Guide

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JDK-8168868 Add additional admin-level documentation for trusted certs not being "disabled"

          • P3 - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-8168822 Document that algorithm restrictions do not apply to trusted anchors

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              xuelei Xuelei Fan
              xuelei Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: