RFR 8072394: java.security.cert.PolicyQualifierInfo needs value-based equality

Florian Weimer fweimer at redhat.com
Mon Apr 6 20:18:48 UTC 2015


On 03/04/2015 06:47 PM, Sean Mullan wrote:

> I can take care of filing an internal CCC and will let you know when
> that is approved or if there are any questions.

This new webrev incorporates feedback from the CCC:

  <http://cr.openjdk.java.net/~fweimer/8072394/webrev.03/>

This needs additional tests, but I want to check first if the direction
is okay.

The PolicyQualifierInfoSet class is needed because there is no existing
LinkedTreeSet class.  I do not want to continue to use LinkedHashSet
because of the denial of service risk from hash collisions (this was not
a problem before because the hash was identity-based), and the cost of
computing hash codes even for single-element sets.

-- 
Florian Weimer / Red Hat Product Security


More information about the security-dev mailing list