JDK-8013228 : Create new system properties to control allowable OCSP clock skew and CRL connection timeout
- Type: Enhancement
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 7u25,8
- Priority: P3
- Status: Closed
- Resolution: Fixed
- Submitted: 2013-04-25
- Updated: 2017-05-17
- Resolved: 2013-04-25
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 7 | JDK 8 |
|---|---|
7u25Fixed  |
8 b88Fixed |
Description
Additional properties are needed to control certain aspects of certificate revocation checking. In particular, we need a property that allows a customer to adjust the maximum allowable clock skew when validating signed OCSP (On-line Certificate Staus Protocol) responses. Also, we need a property that allows a customer to adjust the maximum connection timeout when downloading CRLs (Certificate Revocation Lists).
Comments
|