Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8256895 Add support for RFC 8954: Online Certificate Status Protocol (OCSP) Nonce Extension
  3. JDK-8259735

Release Note: New System Property Added to Enable the OCSP Nonce Extension

    XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: P4
    • Resolution: Delivered
    • Affects Version/s: 17
    • Fix Version/s: 17
    • Component/s: security-libs
    • Labels:

      Description

      A new system property, `jdk.security.certpath.ocspNonce`, has been added to enable the OCSP Nonce Extension. This system property is disabled by default, and can be enabled by setting it to the value `true`. If set to `true`, the JDK implementation of `PKIXRevocationChecker` includes a nonce extension containing a 16 byte nonce with each OCSP request. See [RFC 8954](https://tools.ietf.org/html/rfc8954) for more details on the OCSP Nonce Extension.

        Attachments

          Activity

            People

            Assignee:
            hchao Haimay Chao
            Reporter:
            hchao Haimay Chao
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: