infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-02-20 23:36:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

8168822: Document that algorithm restrictions do not apply to trusted anchors

Browse Source 
Reviewed-by: weijun, jnimeh, mullan
This commit is contained in:
Xue-Lei Andrew Fan 2016-10-27 23:49:38 +00:00
parent 433b31bbda
commit d0891a2ffc
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
jdk/src/java.base/share/conf/security/java.security
View File

@ -645,6 +645,9 @@ krb5.kdc.bad.policy = tryLast
# before larger keysize constraints of the same algorithm. For example:
# "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
#
# Note: The algorithm restrictions do not apply to trust anchors or
# self-signed certificates.
#
# Note: This property is currently used by Oracle's PKIX implementation. It
# is not guaranteed to be examined and used by other implementations.
#
@ -714,6 +717,9 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
# See the specification of "jdk.certpath.disabledAlgorithms" for the
# syntax of the disabled algorithm string.
#
# Note: The algorithm restrictions do not apply to trust anchors or
# self-signed certificates.
#
# Note: This property is currently used by Oracle's JSSE implementation.
# It is not guaranteed to be examined and used by other implementations.
#