OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
123456 ... 274
Topics (9562)
Replies Last Post Views
Re: RFR: 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m [v7] by Magnus Ihse Bursie-3
0
by Magnus Ihse Bursie-3
Re: RFR: 8260864: ProblemList two security/krb5 tests on Linux by David Holmes-2
2
by Weijun Wang-2
fix(truststore): log about truststore not found prints every time the same value by Kevin Davin
0
by Kevin Davin
RFR [17]: JDK-8260310 Release Note: Configurable extensions with system properties by Xue-Lei Fan
2
by Xue-Lei Fan
RFR: 8217633: Configurable extensions with system properties by Xue-Lei Andrew Fan
13
by Xue-Lei Andrew Fan
Re: RFR: 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m [v2] by Phil Race
1
by Weijun Wang-2
Re: RFR: 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m by Erik Joelsson-2
0
by Erik Joelsson-2
Re: RFR: 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl [v8] by Clive Verghese
0
by Clive Verghese
RFR: 8259801: Enable XML Signature secure validation mode by default by Sean Mullan-2
4
by Sean Mullan-2
RFR: Release Note for 8259801: Enable XML Signature secure validation mode by default by Sean Mullan
0
by Sean Mullan
8259886 : Improve SSL session cache performance and scalability by Daniel Jeliński
2
by Daniel Jeliński
Integrated: 8252412: [macos11] system dynamic libraries removed from filesystem by Martin Buchholz-4
0
by Martin Buchholz-4
Re: RFR: 8252412: [macos11] system dynamic libraries removed from filesystem [v2] by Martin Buchholz-4
0
by Martin Buchholz-4
Re: RFR: 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl [v6] by Clive Verghese
0
by Clive Verghese
Re: RFR: 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl [v5] by Clive Verghese
0
by Clive Verghese
RFR: 8260286: Manual Test "ws/open/test/jdk/sun/security/tools/jarsigner/compatibility/Compatibility.java" fails by Fernando Guallini-2
8
by Fernando Guallini-2
Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v3] by Phil Race
1
by Stefan Karlsson-3
RFR: 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures by Martin Balao-2
42
by Martin Balao-2
Re: RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v2] by Vladimir Kempik-3
0
by Vladimir Kempik-3
RFR: 8255348: NPE in PKIXCertPathValidator event logging code by Sean Coffey-2
5
by Sean Coffey-2
Re: CFV: New JDK Committer: Hai-May Chao by Xue-Lei Fan
0
by Xue-Lei Fan
Re: RFR: 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl [v4] by Clive Verghese
0
by Clive Verghese
RFR: 8244411: javax/net/ssl/TLSCommon/CipherSuite.java should cover DTLS protocols by Fernando Guallini-2
1
by Fernando Guallini-2
RFR: 8259498: Reduce overhead of MD5 and SHA digests by Claes Redestad-2
7
by Claes Redestad-2
RFR: 8256895: Add support for RFC 8954: Online Certificate Status Protocol… by Hai-May Chao-2
21
by Hai-May Chao-2
RFR: JDK-8259786: initialize last parameter of getpwuid_r by Matthias Baesken
4
by Matthias Baesken
RFR: 8253821: Improve ByteBuffer performance with GCM by Anthony Scarpino-2
102
by Chen Li
TLS Manual: Call for contributions by Ben Smyth
0
by Ben Smyth
Java and the NTFS Path weakness by Bernd Eckenfels-4
3
by Bernd Eckenfels-4
RFR: 8023980: JCE doesn't provide any class to handle RSA private key in PKCS#1 by Valerie Peng-2
15
by Michael StJohns
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v13] by Jim Laskey-3
0
by Jim Laskey-3
Re: [jdk16] RFR: JDK-8259732: JDK 16 L10n resource file update - msg drop 10 [v2] by Naoto Sato-2
0
by Naoto Sato-2
Re: RFR: 8257733: Move module-specific data from make to respective module [v4] by Magnus Ihse Bursie-3
0
by Magnus Ihse Bursie-3
Re: RFR: 8253866: Security Libs Terminology Refresh [v2] by Jamil Nimeh-2
1
by Jamil Nimeh-2
Integrated: 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain by Hai-May Chao-2
0
by Hai-May Chao-2
123456 ... 274