Code review request, JDK-8168822, Document that algorithm restrictions do not apply to trusted certs
xuelei.fan at oracle.com
Thu Oct 27 00:04:02 UTC 2016
Please review the simple fix:
Algorithm restrictions do not apply to trusted certs as the
application or customer has made the decision to trust the "trusted
cert". However, this point is not explicit for general developers and
users. We'd better to clarify this point explicitly.
In the update, I add a short note for each algorithm constraint security
Note: Algorithm restrictions do not apply to trusted certificates.
Doc only update, no new regression test.
More information about the security-dev