Quantcast

OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
1234567 ... 234
Topics (8168)
Replies Last Post Views
RFR[9] JDK-8171043: ServerIdentityTest.java fails on Windows by John Jiang
4
by Xuelei Fan-2
JDK 9 RFR of JDK-8171062: Problem list ServerIdentityTest.java on window by joe darcy
1
by Xuelei Fan-2
Code Review Request, JDK-8171003, A couple of JSSE tests have been failing after JDK-8170329 by Xuelei Fan-2
2
by Anthony Scarpino
[PATCH] 8069128: remove deprecation warning suppression from KeychainStore by Adam Petcher
1
by Sean Mullan
[9] RFR 8079898: Resolve disabled warnings for libj2ucrypto by Valerie Peng
2
by Magnus Ihse Bursie
[PATCH] 8158517: Minor optimizations to ISO10126PADDING by Adam Petcher
2
by Bernd Eckenfels-4
Code Review Request JDK-8170329 New SSLSocket testing template by Xuelei Fan-2
15
by Sean Mullan
TLS session cache access (for FTP clients with data connection session reuse) by Bernd Eckenfels-4
2
by David M. Lloyd-3
[9] RFR JDK-8157529 : Remove intermittent key from javax/net/ssl/DTLS/CipherSuite.java by Tim Du
1
by Artem Smotrakov
RFR[9] JDK-8170523: Some PKCS11 test cases are ignored with security manager by John Jiang
3
by Sean Mullan
RFR: 8170157/8169335: Unlimited Cryptography Policy Changes by Bradford Wetmore
2
by Seán Coffey
[9] RFR: JDK-8170245 [TEST_BUG] Cipher tests fail when running with unlimited policy by Valerie Peng
1
by Xuelei Fan-2
RFR: 8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property by Sean Mullan
6
by Sean Mullan
RFR(M): 8170525: Fix minor issues in awt coding by Lindenmaier, Goetz
14
by Phil Race
RFR: 8170602: Startup regression due to introduction of lambda in java.io.FilePermissionCollection by Claes Redestad
2
by Claes Redestad
RFR: 8169335: Add a crypto.policy fallback in case Security Property 'crypto.policy' does not exist by Bradford Wetmore
13
by Bradford Wetmore
[9] RFR 8170247: java/security/SecureRandom/ApiTest fails when run with unlimited policy. by Sibabrata Sahoo
1
by Weijun Wang
[8u-dev] RFR 8170278 : ticket renewal won't happen with debugging turned on by Ivan Gerasimov
2
by Weijun Wang
RFR 8170364: FilePermission path modified during merge by Weijun Wang
5
by Alan Bateman
RFR(s): JDK-8169866: [TESTBUG] com/sun/security/ tests have undeclared modules dependencies by Sergei Kovalev
2
by Weijun Wang
RFR 8164881: Add more tests for JDK-8139565. by Mallikarjuna Avaluri
2
by Mallikarjuna Avaluri
Re: RFR 9: 8169416: SSLSessionImpl finalize overhead by roger riggs
1
by Xuelei Fan-2
RFR 8170035: When determining the ciphersuite lists, there is no debug output for disabled suites by Jamil Nimeh
4
by Bradford Wetmore
RFR 8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304 by Amanda Jiang
3
by Weijun Wang
JDK 9 and JCE code signing (where and sha1WithDSA 1024?) by Bernd Eckenfels-4
2
by Bradford Wetmore
RFR 7004967: SecureRandom should be more explicit about threading by Weijun Wang
15
by Sean Mullan
RFR 8043252: Debug of access control is obfuscated - NullPointerException in ProtectionDomain by Jamil Nimeh
6
by Sean Mullan
[9] RFR: 8168969: Merge SSLSocketSample and SSLSocketTemplate by Artem Smotrakov
9
by Xuelei Fan-2
RFR 8169751: sun/security/krb5/auto/rcache_usemd5.sh fails on solaris by Weijun Wang
3
by Weijun Wang
RFR 8168931: Few OCSP related test failed with "Response is unreliable: its validity interval is out-of-date" by Anthony Scarpino
1
by Sean Mullan
RFR: 8168861 AnchorCertificates uses hardcoded password for cacerts keystore by Anthony Scarpino
2
by Sean Mullan
Code Review Request, JDK-8166103 Allow certs with unknown critical extension in SunX509 validator by Xuelei Fan-2
2
by Bradley Hess
Code Review Reqeust, JDK-8169362, Interop automated testing with Chrome by Xuelei Fan-2
4
by Bernd Eckenfels-4
RFR : (XS) 8166432:Bad 8u112 merge of sun/security/tools/jarsigner/warnings/Test.java by Seán Coffey
1
by Vincent Ryan
RFR: 8169229: RSAClientKeyExchange debug info is incorrect by Bradford Wetmore
3
by Xuelei Fan-2
1234567 ... 234