You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Josh McKenzie (Jira)" <ji...@apache.org> on 2022/09/08 17:14:00 UTC
[jira] [Updated] (CASSANDRA-17867) Remove usage of deprecated javax certificate class
[ https://issues.apache.org/jira/browse/CASSANDRA-17867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Josh McKenzie updated CASSANDRA-17867:
--------------------------------------
Test and Documentation Plan: No testing changes; run full suite
Status: Patch Available (was: Open)
> Remove usage of deprecated javax certificate class
> --------------------------------------------------
>
> Key: CASSANDRA-17867
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17867
> Project: Cassandra
> Issue Type: Improvement
> Components: Feature/Authorization
> Reporter: Josh McKenzie
> Assignee: Josh McKenzie
> Priority: Normal
> Fix For: 4.x
>
>
> When initially implemented, we used the older {{javax.security.cert.X509Certificate}} when initializing an {{IAuthenticator}} with certs - as nobody is yet using this interface, and there is a reasonable way to fix it to use the correct, non-deprecated cert classes, we should switch to the modern {{java.security.cert.Certificate}} class.
> The broader reasoning here is that consumers of this interface would have to jump through serialization/deserialization hoops on each authentication check to use the newer X509Certificate implementation, which has data on which we depend for our mTLS implementation, and in this case we can just cast them to the appropriate class.
> See https://docs.oracle.com/javase/9/docs/api/javax/security/cert/X509Certificate.html for further details
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org