Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8256895 Add support for RFC 8954: Online Certificate Status Protocol (OCSP) Nonce Extension
  3. JDK-8259735

Release Note: New System Property Added to Enable the OCSP Nonce Extension

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Delivered
    • Icon: P4 P4
    • 17
    • 17
    • security-libs

      A new system property, `jdk.security.certpath.ocspNonce`, has been added to enable the OCSP Nonce Extension. This system property is disabled by default, and can be enabled by setting it to the value `true`. If set to `true`, the JDK implementation of `PKIXRevocationChecker` includes a nonce extension containing a 16 byte nonce with each OCSP request. See [RFC 8954](https://tools.ietf.org/html/rfc8954) for more details on the OCSP Nonce Extension.

            hchao Haimay Chao
            hchao Haimay Chao
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: