Bug ID: JDK-8154005 Add algorithm constraint that specifies the restriction date

JDK-8154005 : Add algorithm constraint that specifies the restriction date

Type: Enhancement
Component: security-libs
Sub-Component: java.security

Priority: P2
Status: Closed
Resolution: Fixed

Submitted: 2016-04-11
Updated: 2025-09-11
Resolved: 2016-05-26

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 8	JDK 9
8u152Fixed	9 b121Fixed

Related Reports

Blocks :	JDK-8149555 - JEP 288: Disable SHA-1 Certificates
Relates :	JDK-8367403 - java.security jdkCA documentation assumes use of cacerts file
Relates :	JDK-8165103 - Update to "denyAfter constraint check" exception message
Relates :	JDK-8153777 - Implement "denyAfter" constraint

Description

Extend the jdk.certpath.disabledAlgorithms property to support a  constraint that specifies the date a restriction goes into affect. The proposed name for the constraint is "denyAfter".

This constraint allows us to better implement a phased approach to disabling an algorithm, and also gives administrators more control over when the restrictions will take affect.

Comments

UR SQE OK to take this to CPU17_01

05-10-2016

URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/d3b6131c1211 User: lana Date: 2016-06-01 18:59:16 +0000

01-06-2016

URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/d3b6131c1211 User: ascarpino Date: 2016-05-26 20:33:42 +0000

26-05-2016