Quantcast

OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
1234 ... 235
Topics (8202)
Replies Last Post Views
JPMS Access Checks, Verification and the Security Manager by Volker Simonis
8
by Volker Simonis
Code Review Request, JDK-8180856 Remove RecordType.java by Xuelei Fan-2
1
by Weijun Wang
[9] RFR 8180635: (doc) Clarify the compatibility and interoperability issue when using provider default values by Valerie Peng
0
by Valerie Peng
ECC Key Usage ignored with and ECDH(E) ciphers by Bernd Eckenfels-4
3
by Xuelei Fan-2
RFR 8172244: AIOOBE in KeyStore.getCertificateAlias on Windows by Adam Petcher
1
by Vincent Ryan
[10] RFR 8166222: Don't treat signed jars with invalid timestamps as unsigned by Weijun Wang
7
by Weijun Wang
[jdk8u-dev] Review Request and Approval to Backport: 8140436: Support the FFDHE TLS extension by Ivan Gerasimov
1
by Seán Coffey
[9] RFR: 8180307: Add new JDK 9 Required Algorithms to Cipher class by Sean Mullan
4
by Sean Mullan
RFR 9 test-only RFR 8177328 : java/lang/ClassLoader/securityManager/ClassLoaderTest.java times out with -Xcomp by Brent Christian-2
14
by Brent Christian-2
FW: SecurityManager.checkPackageAccess for qualified exports by Langer, Christoph
5
by Mandy Chung
RFR: Update tables in java.base to be HTML5-friendly. by Jonathan Gibbons
13
by Jonathan Gibbons
RFR 8178794: krb5 client should ignore sname in incoming tickets by Weijun Wang
1
by Weijun Wang
[10] RFR 8179389: X509Certificate generateCRLs is extremely slow using a PEM crl list by Weijun Wang
1
by Sean Mullan
Re: RFR: JDK-8178278 Move Standard Algorithm Names document to specs directory by Erik Joelsson
2
by Erik Joelsson
JEP-123: Configurable Secure Random-Number Generation by Milton Smith-2
0
by Milton Smith-2
RFR[9] 8179451: Confidential copyright header in openjdk by John Jiang
3
by Weijun Wang
RFR 8176457: Add verbose option to java.security.debug by Anthony Scarpino
1
by Vincent Ryan
RFR: 8178014: CryptoPolicyParser's API comment contains < and > characters by Brad R. Wetmore
2
by Kumar Srinivasan
RFR 8179369: src/java.security.jgss/share/classes/org/ietf/jgss/package.html should be HTML5-friendly by Weijun Wang
1
by Sean Mullan
RFR: 8179370: Replace use of <tt>, <center> and <font> tags in java.base by Jonathan Gibbons
8
by Brad R. Wetmore
RFR: Remove map synchronization from SignatureAndHashAlgorithm by Steven Davidovitz
3
by Sean Mullan
NTNumericCredential of the NTLoginModule JAAS module by Bernd Eckenfels-4
0
by Bernd Eckenfels-4
Code Review Request, JDK-8140436, Support the FFDHE TLS extension by Xuelei Fan-2
4
by Jamil Nimeh
Short AES GCM Tags? by Mike Duigou-2
2
by Bernd Eckenfels-4
RFR 8178795: krb5 Basic.java test should be basic by Weijun Wang
1
by Xuelei Fan-2
[9] RFR:8178083 Remove intermittent key from java/security/SignedObject/Chain.java by Tim Du
1
by Xuelei Fan-2
RFR 8177784 Use CounterMode intrinsic for AES/GCM by Anthony Scarpino
8
by Sean Mullan
RFR[8u] JDK-8157035: Use stronger algorithms and keys for JSSE testing by Prasadrao Koppula
1
by Seán Coffey
JGSS-API supporting SSPI on Windows by Chan, Sunny
3
by Weijun Wang
[10] RFR: 8161973: PKIXRevocationChecker.getSoftFailExceptions() not working by Sean Mullan
1
by Xuelei Fan-2
RFR[9] 8165367: Additional tests for JEP 288: Disable SHA-1 Certificates by John Jiang
1
by Anthony Scarpino
RFR 8177291: [doc] weak algorithms and crypto policy in JGSS docs by Weijun Wang
3
by Sean Mullan
RFR: 3 security-libs release notes on keytool/krb5/etc by Weijun Wang
10
by Sean Mullan
[9] RFR 8177969: Faster FilePermission::implies by avoiding the use of Path::relativize by Weijun Wang
0
by Weijun Wang
[10] RFR: 8175029: StackOverflowError in X509CRL and X509Certificate.verify(PublicKey, Provider) by Sean Mullan
4
by Vincent Ryan
1234 ... 235