United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-4959744 : Denigrate X509Certificate.getSubjectDN() & co

Details
Type:
Bug
Submit Date:
2003-11-25
Status:
Resolved
Updated Date:
2003-12-15
Project Name:
JDK
Resolved Date:
2003-12-15
Component:
security-libs
OS:
linux,generic
Sub-Component:
java.security
CPU:
x86,generic
Priority:
P3
Resolution:
Fixed
Affected Versions:
1.4.0,5.0
Fixed Versions:
5.0 (b32)

Related Reports
Duplicate:

Sub Tasks

Description
The methods getSubjectDN() and getIssuerDN() in X509Certificate and getIssuerDN() in X509CRL are problematic. They return an unspecified class implementing the java.security.Principal interface, which has a very loose specification.

Because no additional specification is present in the getSubjectDN() and getIssuerDN() methods, it is permissible for implementations to return an arbitrary, implementation specific class. Real world experience has shown that this is the case resulting in non-portability or unreliability of the code. For compatibility reasons, the specifications for those methods cannot be changed and they must be considered unsalvageable.

Replacement methods getSubjectX500Principal() & co that return an instance of the well-defined X500Principal class were added in JDK 1.4. The implementations of those methods have been designed to avoid all problems of this sort. However, the new methods suffer from underexposure and programmers continue to use the familiar and more intuitively named getSubjectDN() & co methods.

To change this, the old getSubjectDN() and getIssuerDN() methods should be deprecated. That will ensure that developers who use this methods receive a compile time warning.



                                    

Comments
EVALUATION

Will file CCC.

###@###.### 2003-11-25

Deprecation was considered inappropriate in this case. Instead, cautionary comments were added to the JavaDoc.

###@###.### 2003-12-09
                                     
2003-11-25
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX:
tiger-beta

FIXED IN:
tiger-beta

INTEGRATED IN:
tiger-b32
tiger-beta


                                     
2004-06-14



Hardware and Software, Engineered to Work Together