Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8216280

Allow later Symantec Policy distrust date for two Apple SubCAs

    XMLWordPrintable

Details

    • b29
    • Verified

    Backports

      Description

        The JDK will stop trusting TLS Server certificates by Symantec, in line with similar plans recently announced by Google, Mozilla, Apple, and Microsoft. The list of affected certificates includes certificates branded as GeoTrust, Thawte, and VeriSign, which were managed by Symantec. Any TLS Server certificate issued after April 16, 2019 will be restricted. This change has already been implemented and is in JDK 12 (see JDK-8207258).

        Apple has requested more time to transition their users off of the legacy Symantec Root CAs that will be distrusted for TLS Server certificates. They are working with DigiCert on a transition plan and have requested a later distrust date: December 31, 2019. This later distrust date would only apply to TLS Server certificates issued from two Apple subordinate CAs: "Apple IST CA 2 - G1" and "Apple IST CA 8 - G1". Any certificate issued after that date will be distrusted. Other vendors such as Mozilla have granted similar exemptions to these Apple subCAs.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217560 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217574 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217724 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217787 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217788 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217988 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8218256 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8219963 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8221037 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8222657 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8224353 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217523 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217524 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8217525 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8219452 Allow later Symantec Policy distrust date for two Apple SubCAs

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            relates to

            Enhancement - null JDK-8207258 Distrust TLS server certificates anchored by Symantec Root CAs

            • P3 - Major loss of function.
            • Resolved

            Enhancement - null JDK-8207258 Distrust TLS server certificates anchored by Symantec Root CAs

            • P3 - Major loss of function.
            • Resolved

            Activity

              People

                mullan Sean Mullan
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: