Uploaded image for project: 'CCC Migration Project'
  1. CCC Migration Project
  2. CCC-8173827

Remove forRemoval=true from several deprecated security APIs

    XMLWordPrintable

    Details

    • Subcomponent:
    • Compatibility Risk:
      minimal
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Remove the "forRemoval=true" element from the Deprecated annotation of several deprecated security APIs.

      Problem

      Several deprecated security APIs have been marked with forRemoval=true to indicate they will be removed in a future release of Java SE. However, it has since been reported that some external applications/code are still using some of these APIs, and there is concern that there may not be enough advance notice to adapt their code to transition away from these legacy APIs and/or replace them with newer APIs before they would be removed.

      In particular, one of the dependencies is in a standard EE API which would require a specification change: https://java.net/jira/browse/EJB_SPEC-130.

      We still believe that these APIs should eventually be removed from SE, but we need to make sure these projects and the EE community is prepared for it.

      Solution

      Remove the "forRemoval=true" element from the Deprecated annotation of the affected APIs.

      Specification

      1. Remove "forRemoval=true" from the Deprecated annotation on the following classes:

        java.security.Certificate java.security.Identity java.security.IdentityScope java.security.Signer java.security.acl.Acl java.security.acl.AclEntry java.security.acl.AclNotFoundException java.security.acl.Group java.security.acl.LastOwnerException java.security.acl.NotOwnerException java.security.acl.Owner java.security.acl.Permission javax.security.auth.Policy javax.security.cert.Certificate javax.security.cert.CertificateEncodingException javax.security.cert.CertificateException javax.security.cert.CertificateExpiredException javax.security.cert.CertificateNotYetValidException javax.security.cert.CertificateParsingException javax.security.cert.X509Certificate com.sun.net.ssl.HostnameVerifier com.sun.net.ssl.HttpsURLConnection com.sun.net.ssl.KeyManager com.sun.net.ssl.KeyManagerFactory com.sun.net.ssl.KeyManagerFactorySpi com.sun.net.ssl.SSLContext com.sun.net.ssl.SSLContextSpi com.sun.net.ssl.SSLPermission com.sun.net.ssl.TrustManager com.sun.net.ssl.TrustManagerFactory com.sun.net.ssl.TrustManagerFactorySpi com.sun.net.ssl.X509KeyManager com.sun.net.ssl.X509TrustManager com.sun.net.ssl.internal.ssl.Provider com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager com.sun.net.ssl.internal.www.protocol.https.DelegateHttpsURLConnection com.sun.net.ssl.internal.www.protocol.https.Handler com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl

      2. Remove "forRemoval=true" from the Deprecated annotation on the following methods:

        javax.net.ssl.HandshakeCompletedEvent.getPeerCertificateChain javax.net.ssl.SSLSession.getPeerCertificateChain

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              mullan Sean Mullan
              Reviewed By:
              Xue-Lei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: