Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8267268

[BACKOUT] JDK-8196415 Disable SHA-1 Signed JARs

    XMLWordPrintable

    Details

    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Compatibility Risk Description:
      Revert fix
    • Interface Kind:
      System or security property
    • Scope:
      JDK

      Description

      Summary

      Revert the JDK changes introduced via CSR JDK-8264362 for update releases.

      Problem

      Performance issues have been reported with the patch created for JDK-8196415 (and approved via CSR JDK-8264362). Decision to revert the fix for the JDK Update releases while leaving the fix in JDK 17 where a solution can be worked. Once a stable solution is in place, a new enhancement will be filed for "Disable SHA-1 Signed JARs" and ported to the JDK Update releases.

      Solution

      Perform an anti-delta of the patch from JDK-8196415

      As a result, no changes will exist in this area for the JDK 16u, JDK 11u, JDK 8u and JDK 7u releases.

      Specification

      Remove (revert) the "SHA1 jdkCA & usage SignedJAR & denyAfter 2019-01-01" change from the jdk.certpath.disabledAlgorithms Security property

      Remove (revert) the "SHA1 jdkCA & denyAfter 2019-01-01" change from the jdk.jar.disabledAlgorithms Security property.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              coffeys Sean Coffey
              Reporter:
              pkumaraswamy Prajwal Kumaraswamy
              Reviewed By:
              Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: