open Cdiff src/java.base/share/classes/sun/security/x509/OCSPNoCheckExtension.java

src/java.base/share/classes/sun/security/x509/OCSPNoCheckExtension.java

rev 51977 : [mq]: 8200381-Typos-in-javadoc-missing-verb-be-and-alike


*** 1,7 ****
  /*
!  * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   *
   * This code is free software; you can redistribute it and/or modify it
   * under the terms of the GNU General Public License version 2 only, as
   * published by the Free Software Foundation.  Oracle designates this
--- 1,7 ----
  /*
!  * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved.
   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   *
   * This code is free software; you can redistribute it and/or modify it
   * under the terms of the GNU General Public License version 2 only, as
   * published by the Free Software Foundation.  Oracle designates this
*** 36,47 ****
   * <p>
   * A CA may specify that an OCSP client can trust a responder for the
   * lifetime of the responder's certificate. The CA does so by including
   * the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical
   * extension. The value of the extension should be NULL. CAs issuing
!  * such a certificate should realized that a compromise of the
!  * responder's key, is as serious as the compromise of a CA key used to
   * sign CRLs, at least for the validity period of this certificate. CA's
   * may choose to issue this type of certificate with a very short
   * lifetime and renew it frequently.
   * <pre>
   * id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
--- 36,47 ----
   * <p>
   * A CA may specify that an OCSP client can trust a responder for the
   * lifetime of the responder's certificate. The CA does so by including
   * the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical
   * extension. The value of the extension should be NULL. CAs issuing
!  * such a certificate should realize that a compromise of the
!  * responder's key is as serious as the compromise of a CA key used to
   * sign CRLs, at least for the validity period of this certificate. CA's
   * may choose to issue this type of certificate with a very short
   * lifetime and renew it frequently.
   * <pre>
   * id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }

< prev index next >