OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
12345 ... 274
Topics (9562)
Replies Last Post Views
RFR: 8241372: Several test failures due to javax.net.ssl.SSLException: Connection reset by Fernando Guallini-2
18
by Fernando Guallini-2
RFR: 8248223: KeyAgreement spec update on multi-party key exchange support by Jamil Nimeh-2
3
by Jamil Nimeh-2
Re: RFR: 8258588: MD5 MessageDigest in java.util.UUID should be cached by Peter Levart-3
4
by PROgrm_JARvis
Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9] by Anton Kozlov-2
0
by Anton Kozlov-2
RFR: 8261534: Test sun/security/pkcs11/KeyAgreement/IllegalPackageAccess.java fails on platforms where no nsslib artifacts are defined by Christoph Langer
4
by Christoph Langer
Integrated: 8261160: Add a deserialization JFR event by Chris Hegarty-2
0
by Chris Hegarty-2
Re: RFR: 8261160: Add a deserialization JFR event [v5] by Chris Hegarty-2
3
by Daniel Fuchs-2
RFR: 8261481: Cannot read Kerberos settings in dynamic store on macOS Big Sur by Weijun Wang-2
2
by Weijun Wang-2
Re: RFR: JDK-8261601: free memory in early return in Java_sun_nio_ch_sctp_SctpChannelImpl_receive0 by Matthias Baesken
0
by Matthias Baesken
RFR: 8261472: BasicConstraintsExtension::toString shows "PathLen:2147483647" if there is no pathLenConstraint by Weijun Wang-2
5
by Sean Mullan
RFR: JDK-8261510: Use RFC numbers rather than protocol or draft names in sun.security.ssl.SSLExtension by John Jiang
7
by John Jiang
Re: RFR: 8261160: Add a deserialization JFR event [v4] by Chris Hegarty-2
2
by Roger Riggs-2
Re: RFR: 8261160: Add a deserialization JFR event [v3] by Chris Hegarty-2
1
by Chris Hegarty-2
Re: RFR: 8261160: Add a deserialization JFR event by Chris Hegarty-2
4
by Chris Hegarty-2
Re: RFR: 8261160: Add a deserialization JFR event [v2] by Chris Hegarty-2
0
by Chris Hegarty-2
RFR review of draft CSR JDK-8261456: KeyAgreement spec update on multi-party key exchange support by Jamil Nimeh
1
by Sean Mullan
Keytool does not agree with RFC 8410 by Anders Rundgren
7
by Weijun Wang
Integrated: 8225081: Remove Telia Company CA certificate expiring in April 2021 by Rajan Halade-2
0
by Rajan Halade-2
Re: RFR: 8225081: Remove Telia Company CA certificate expiring in April 2021 by Sean Mullan-2
0
by Sean Mullan-2
[11u] RFR: 8244683: A TSA server used by tests by Doerr, Martin
2
by Doerr, Martin
Re: Module jdk.jartool should provide jarsigner tool by Alan Bateman
1
by Weijun Wang
JSSE reference guide issue by Daniel Jeliński
3
by Daniel Jeliński
Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v10] by Andrew Haley-2
1
by Gerard Ziemski-2
RFR: 8163498: Many long-running security libs tests by Fernando Guallini-2
12
by Fernando Guallini-2
OpenJDK-TLS Manual: (Second) call for contributions by Ben Smyth
0
by Ben Smyth
RFR: 8248268: Support KWP in addition to KW by Valerie Peng-2
1
by Valerie Peng-2
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v16] by Jim Laskey-3
0
by Jim Laskey-3
Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9] by Mikael Vidstedt
0
by Mikael Vidstedt
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v15] by Jim Laskey-3
0
by Jim Laskey-3
Re: RFR: 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl [v9] by Clive Verghese
1
by Xue-Lei Andrew Fan
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v14] by Jim Laskey-3
1
by Jim Laskey-3
fix(truststore): log about truststore not found prints every time the same value by Kevin Davin
1
by Xue-Lei Fan
RFR: 8260861: TrustStoreDescriptor log the same value by Davin Kevin
4
by Davin Kevin
Integrated: 8256421: Add 2 HARICA roots to cacerts truststore by Rajan Halade-2
0
by Rajan Halade-2
Re: RFR: 8256421: Add 2 HARICA roots to Oracle Root CA Program by Hai-May Chao-2
3
by Sean Mullan-2
12345 ... 274