diff --git a/src/share/classes/java/security/Key.java b/src/share/classes/java/security/Key.java index c0c63d7c7c10630943d3d608d160382aabf1de12..09542e394a25f3722aa4a43701ef8e17b28a14c4 100644 --- a/src/share/classes/java/security/Key.java +++ b/src/share/classes/java/security/Key.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -63,7 +63,7 @@ package java.security; * * * For more information, see - * RFC 3280: + * RFC 5280: * Internet X.509 Public Key Infrastructure Certificate and CRL Profile. * *
{@code @@ -140,7 +140,7 @@ public class TrustAnchor { *** The name constraints are specified as a byte array. This byte array * contains the DER encoded form of the name constraints, as they - * would appear in the NameConstraints structure defined in RFC 3280 + * would appear in the NameConstraints structure defined in RFC 5280 * and X.509. The ASN.1 notation for this structure is supplied in the * documentation for * {@link #TrustAnchor(X509Certificate, byte[]) @@ -179,7 +179,7 @@ public class TrustAnchor { *
* The name constraints are specified as a byte array. This byte array * contains the DER encoded form of the name constraints, as they - * would appear in the NameConstraints structure defined in RFC 3280 + * would appear in the NameConstraints structure defined in RFC 5280 * and X.509. The ASN.1 notation for this structure is supplied in the * documentation for * {@link #TrustAnchor(X509Certificate, byte[]) @@ -294,7 +294,7 @@ public class TrustAnchor { *
* The name constraints are returned as a byte array. This byte array * contains the DER encoded form of the name constraints, as they - * would appear in the NameConstraints structure defined in RFC 3280 + * would appear in the NameConstraints structure defined in RFC 5280 * and X.509. The ASN.1 notation for this structure is supplied in the * documentation for * {@link #TrustAnchor(X509Certificate, byte[]) diff --git a/src/share/classes/java/security/cert/X509CRL.java b/src/share/classes/java/security/cert/X509CRL.java index 5ce84847fa56d57fd83cf5da015058d8cbfbb7f2..2133290735761c63bd205bd5008274e667edc493 100644 --- a/src/share/classes/java/security/cert/X509CRL.java +++ b/src/share/classes/java/security/cert/X509CRL.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -69,7 +69,7 @@ import sun.security.x509.X509CRLImpl; *
* More information can be found in - * RFC 3280: Internet X.509 + * RFC 5280: Internet X.509 * Public Key Infrastructure Certificate and CRL Profile. *
* The ASN.1 definition of {@code tbsCertList} is: diff --git a/src/share/classes/java/security/cert/X509CRLSelector.java b/src/share/classes/java/security/cert/X509CRLSelector.java index face5ff525d98d6f282adc57c808f94afef19c41..cf2e6b446ecfceb333084b9f8eaf67f2ce46e7a0 100644 --- a/src/share/classes/java/security/cert/X509CRLSelector.java +++ b/src/share/classes/java/security/cert/X509CRLSelector.java @@ -52,7 +52,7 @@ import sun.security.x509.X500Name; * {@link CertStore#getCRLs CertStore.getCRLs} or some similar * method. *
- * Please refer to RFC 3280: + * Please refer to RFC 5280: * Internet X.509 Public Key Infrastructure Certificate and CRL Profile * for definitions of the X.509 CRL fields and extensions mentioned below. *
diff --git a/src/share/classes/java/security/cert/X509CertSelector.java b/src/share/classes/java/security/cert/X509CertSelector.java index 0fe97a602048333d39efc7f186ef30967f8b9575..905e45401e94c91d5f5b08aaeb0ac9c588393ba3 100644 --- a/src/share/classes/java/security/cert/X509CertSelector.java +++ b/src/share/classes/java/security/cert/X509CertSelector.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,7 @@ import sun.security.x509.*; * number. Other unique combinations include the issuer, subject, * subjectKeyIdentifier and/or the subjectPublicKey criteria. *
- * Please refer to RFC 3280: + * Please refer to RFC 5280: * Internet X.509 Public Key Infrastructure Certificate and CRL Profile for * definitions of the X.509 certificate extensions mentioned below. *
@@ -728,7 +728,7 @@ public class X509CertSelector implements CertSelector { * The name is provided in string format. * RFC 822, DNS, and URI * names use the well-established string formats for those types (subject to - * the restrictions included in RFC 3280). IPv4 address names are + * the restrictions included in RFC 5280). IPv4 address names are * supplied using dotted quad notation. OID address names are represented * as a series of nonnegative integers separated by periods. And * directory names (distinguished names) are supplied in RFC 2253 format. @@ -746,7 +746,7 @@ public class X509CertSelector implements CertSelector { * String form of some distinguished names. * * @param type the name type (0-8, as specified in - * RFC 3280, section 4.2.1.7) + * RFC 5280, section 4.2.1.6) * @param name the name in string form (not {@code null}) * @throws IOException if a parsing error occurs */ @@ -770,7 +770,7 @@ public class X509CertSelector implements CertSelector { *
* The name is provided as a byte array. This byte array should contain * the DER encoded name, as it would appear in the GeneralName structure - * defined in RFC 3280 and X.509. The encoded byte array should only contain + * defined in RFC 5280 and X.509. The encoded byte array should only contain * the encoded value of the name, and should not include the tag associated * with the name in the GeneralName structure. The ASN.1 definition of this * structure appears below. @@ -806,7 +806,7 @@ public class X509CertSelector implements CertSelector { * must contain the specified subjectAlternativeName. * * @param type the name type (0-8, as specified in - * RFC 3280, section 4.2.1.7) + * RFC 5280, section 4.2.1.6) * @param name the name in string or byte array form * @throws IOException if a parsing error occurs */ @@ -995,7 +995,7 @@ public class X509CertSelector implements CertSelector { *
* The name constraints are specified as a byte array. This byte array * should contain the DER encoded form of the name constraints, as they - * would appear in the NameConstraints structure defined in RFC 3280 + * would appear in the NameConstraints structure defined in RFC 5280 * and X.509. The ASN.1 definition of this structure appears below. * *
{@code @@ -1197,7 +1197,7 @@ public class X509CertSelector implements CertSelector { *- * RFC 3280 recommends that when used, this be marked + * RFC 5280 recommends that when used, this be marked * as a critical extension. * * @return the KeyUsage extension of this certificate, represented as @@ -572,7 +572,7 @@ implements X509Extension { * RFC 822, DNS, and URI * names are returned as {@code String}s, * using the well-established string formats for those types (subject to - * the restrictions included in RFC 3280). IPv4 address names are + * the restrictions included in RFC 5280). IPv4 address names are * returned using dotted quad notation. IPv6 address names are returned * in the form "a1:a2:...:a8", where a1-a8 are hexadecimal values * representing the eight 16-bit pieces of the address. OID names are diff --git a/src/share/classes/javax/security/auth/x500/X500Principal.java b/src/share/classes/javax/security/auth/x500/X500Principal.java index 77292b0be22f29ce7cde390d8cdf5f4a7ea225d6..22366610981252b3bb644c65a0d8786ef578be18 100644 --- a/src/share/classes/javax/security/auth/x500/X500Principal.java +++ b/src/share/classes/javax/security/auth/x500/X500Principal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,13 +41,13 @@ import sun.security.util.*; * of the distinguished name, or by using the ASN.1 DER encoded byte * representation of the distinguished name. The current specification * for the string representation of a distinguished name is defined in - * RFC 2253: Lightweight + * RFC 2253: Lightweight * Directory Access Protocol (v3): UTF-8 String Representation of * Distinguished Names. This class, however, accepts string formats from - * both RFC 2253 and RFC 1779: + * both RFC 2253 and RFC 1779: * A String Representation of Distinguished Names, and also recognizes * attribute type keywords whose OIDs (Object Identifiers) are defined in - * RFC 3280: Internet X.509 + * RFC 5280: Internet X.509 * Public Key Infrastructure Certificate and CRL Profile. * ** The name is provided in string format. RFC 822, DNS, and URI names * use the well-established string formats for those types (subject to - * the restrictions included in RFC 3280). IPv4 address names are + * the restrictions included in RFC 5280). IPv4 address names are * supplied using dotted quad notation. OID address names are represented * as a series of nonnegative integers separated by periods. And * directory names (distinguished names) are supplied in RFC 2253 format. @@ -1214,7 +1214,7 @@ public class X509CertSelector implements CertSelector { * String form of some distinguished names. * * @param type the name type (0-8, as specified in - * RFC 3280, section 4.2.1.7) + * RFC 5280, section 4.2.1.6) * @param name the name in string form * @throws IOException if a parsing error occurs */ @@ -1234,7 +1234,7 @@ public class X509CertSelector implements CertSelector { *
* The name is provided as a byte array. This byte array should contain * the DER encoded name, as it would appear in the GeneralName structure - * defined in RFC 3280 and X.509. The ASN.1 definition of this structure + * defined in RFC 5280 and X.509. The ASN.1 definition of this structure * appears in the documentation for * {@link #addSubjectAlternativeName(int type, byte [] name) * addSubjectAlternativeName(int type, byte [] name)}. @@ -1243,7 +1243,7 @@ public class X509CertSelector implements CertSelector { * subsequent modifications. * * @param type the name type (0-8, as specified in - * RFC 3280, section 4.2.1.7) + * RFC 5280, section 4.2.1.6) * @param name a byte array containing the name in ASN.1 DER encoded form * @throws IOException if a parsing error occurs */ @@ -1258,7 +1258,7 @@ public class X509CertSelector implements CertSelector { * the specified pathToName. * * @param type the name type (0-8, as specified in - * RFC 3280, section 4.2.1.7) + * RFC 5280, section 4.2.1.6) * @param name the name in string or byte array form * @throws IOException if an encoding error occurs (incorrect form for DN) */ @@ -1715,7 +1715,7 @@ public class X509CertSelector implements CertSelector { *
* The name constraints are returned as a byte array. This byte array * contains the DER encoded form of the name constraints, as they - * would appear in the NameConstraints structure defined in RFC 3280 + * would appear in the NameConstraints structure defined in RFC 5280 * and X.509. The ASN.1 notation for this structure is supplied in the * documentation for * {@link #setNameConstraints(byte [] bytes) setNameConstraints(byte [] bytes)}. diff --git a/src/share/classes/java/security/cert/X509Certificate.java b/src/share/classes/java/security/cert/X509Certificate.java index 0aba5da60c0205f240ba6ab3de4c2de8c28ef9c4..174d6a73838496771e1b77080b03505ef3c14fc4 100644 --- a/src/share/classes/java/security/cert/X509Certificate.java +++ b/src/share/classes/java/security/cert/X509Certificate.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -63,7 +63,7 @@ import sun.security.x509.X509CertImpl; * CA such as a "root" CA. *
* More information can be found in - * RFC 3280: Internet X.509 + * RFC 5280: Internet X.509 * Public Key Infrastructure Certificate and CRL Profile. *
* The ASN.1 definition of {@code tbsCertificate} is: @@ -408,7 +408,7 @@ implements X509Extension { * Gets the {@code issuerUniqueID} value from the certificate. * The issuer unique identifier is present in the certificate * to handle the possibility of reuse of issuer names over time. - * RFC 3280 recommends that names not be reused and that + * RFC 5280 recommends that names not be reused and that * conforming certificates not make use of unique identifiers. * Applications conforming to that profile should be capable of * parsing unique identifiers and making comparisons. @@ -459,7 +459,7 @@ implements X509Extension { * encipherOnly (7), * decipherOnly (8) } *
The string representation for this {@code X500Principal} @@ -108,7 +108,7 @@ public final class X500Principal implements Principal, java.io.Serializable { * (and listed in {@link #getName(String format) getName(String format)}), * as well as the T, DNQ or DNQUALIFIER, SURNAME, GIVENNAME, INITIALS, * GENERATION, EMAILADDRESS, and SERIALNUMBER keywords whose Object - * Identifiers (OIDs) are defined in RFC 3280 and its successor. + * Identifiers (OIDs) are defined in RFC 5280. * Any other attribute type must be specified as an OID. * *
This implementation enforces a more restrictive OID syntax than @@ -456,7 +456,7 @@ public final class X500Principal implements Principal, java.io.Serializable { * (obtained via the {@code getName(X500Principal.CANONICAL)} method) * of this object and o are equal. * - *
This implementation is compliant with the requirements of RFC 3280. + *
This implementation is compliant with the requirements of RFC 5280. * * @param o Object to be compared for equality with this * {@code X500Principal} diff --git a/src/share/classes/javax/security/auth/x500/package-info.java b/src/share/classes/javax/security/auth/x500/package-info.java index 12f8a5322d1e0d993f66111c46e8d104d34d991a..1e9ca1a82405a4ff175e838d7f0c6082eede7733 100644 --- a/src/share/classes/javax/security/auth/x500/package-info.java +++ b/src/share/classes/javax/security/auth/x500/package-info.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,15 +31,15 @@ *
YYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time - * and with seconds (even if seconds=0) as per RFC 3280. + * and with seconds (even if seconds=0) as per RFC 5280. */ public void putUTCTime(Date d) throws IOException { putTime(d, DerValue.tag_UtcTime); @@ -471,7 +471,7 @@ extends ByteArrayOutputStream implements DerEncoder { * Marshals a DER Generalized Time/date value. * *
YYYYMMDDhhmmss{Z|+hhmm|-hhmm} ... emits only using Zulu time - * and with seconds (even if seconds=0) as per RFC 3280. + * and with seconds (even if seconds=0) as per RFC 5280. */ public void putGeneralizedTime(Date d) throws IOException { putTime(d, DerValue.tag_GeneralizedTime); diff --git a/src/share/classes/sun/security/util/DerValue.java b/src/share/classes/sun/security/util/DerValue.java index 595c01169393a2eca6c98d0829cdfa29aaaf68ea..9372537375a5010de84d82a4ea7e55e3b84b09ad 100644 --- a/src/share/classes/sun/security/util/DerValue.java +++ b/src/share/classes/sun/security/util/DerValue.java @@ -45,8 +45,8 @@ import sun.misc.IOUtils; * (such as PKCS #10 certificate requests, and some kinds of PKCS #7 data). * * A note with respect to T61/Teletex strings: From RFC 1617, section 4.1.3 - * and RFC 3280, section 4.1.2.4., we assume that this kind of string will - * contain ISO-8859-1 characters only. + * and RFC 5280, section 8, we assume that this kind of string will contain + * ISO-8859-1 characters only. * * * @author David Brownell diff --git a/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java b/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java index 725c753e6509eb0acf22bb47328eba6dfa4b1e03..afc642df2f77ecc7570768fec8b5de164efeca9c 100644 --- a/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java +++ b/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,7 +43,7 @@ import sun.security.util.DerValue; * certificate that identifies the specific OCSP Responder to use when * performing on-line validation of that certificate. *
- * This extension is defined in + * This extension is defined in * Internet X.509 PKI Certificate and Certificate Revocation List * (CRL) Profile. The profile permits * the extension to be included in end-entity or CA certificates, diff --git a/src/share/classes/sun/security/x509/CertificateIssuerExtension.java b/src/share/classes/sun/security/x509/CertificateIssuerExtension.java index b7739707ddf146a94ef311221e4d398e0258339d..0dd8f39642a3bb87c7234992df95a9e5cd6fb693 100644 --- a/src/share/classes/sun/security/x509/CertificateIssuerExtension.java +++ b/src/share/classes/sun/security/x509/CertificateIssuerExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -44,7 +44,7 @@ import sun.security.util.DerOutputStream; *
* If used by conforming CRL issuers, this extension is always * critical. If an implementation ignored this extension it could not - * correctly attribute CRL entries to certificates. PKIX (RFC 3280) + * correctly attribute CRL entries to certificates. PKIX (RFC 5280) * RECOMMENDS that implementations recognize this extension. *
* The ASN.1 definition for this is: diff --git a/src/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java b/src/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java index 69be1457c000d8feb865c2fda8a118c0bc00b5ea..4b032239398bf0ab186fcced70af073e2f5131cf 100644 --- a/src/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java +++ b/src/share/classes/sun/security/x509/DeltaCRLIndicatorExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,7 +45,7 @@ import sun.security.util.*; * *
* The extension is defined in Section 5.2.4 of - * Internet X.509 PKI Certific + * Internet X.509 PKI Certific ate and Certificate Revocation List (CRL) Profile. * *
diff --git a/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java b/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java
index 680846029bd0b1ccacccee1eb2cc2fe4cd703f9b..dc820770ef8ab5107f42d941a880c1d84d2710d3 100644
--- a/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java
+++ b/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -94,7 +94,7 @@ implements CertAttrSet
* The extension is defined in Section 5.2.6 of
- * Internet X.509 PKI Certific
+ * Internet X.509 PKI Certific
ate and Certificate Revocation List (CRL) Profile.
*
*
diff --git a/src/share/classes/sun/security/x509/InvalidityDateExtension.java b/src/share/classes/sun/security/x509/InvalidityDateExtension.java
index eda0216489ec3a1d720a76fbb5dda743b328e675..7fac65f3ee592c28fe608e27a01c212433bb86f9 100644
--- a/src/share/classes/sun/security/x509/InvalidityDateExtension.java
+++ b/src/share/classes/sun/security/x509/InvalidityDateExtension.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -33,7 +33,7 @@ import java.util.Enumeration;
import sun.security.util.*;
/**
- * From RFC 3280:
+ * From RFC 5280:
*
* The invalidity date is a non-critical CRL entry extension that
* provides the date on which it is known or suspected that the private
diff --git a/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java b/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java
index 6fe8eb3b13c6f4185585f8451e8b7b1ac0852cb0..6866af0830930f0c209dbc94318afb25c6ee17df 100644
--- a/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java
+++ b/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,7 +46,7 @@ import sun.security.util.DerValue;
*
*
* The extension is defined in Section 5.2.5 of
- * Internet X.509 PKI Certific
+ * Internet X.509 PKI Certific
ate and Certificate Revocation List (CRL) Profile.
*
*
diff --git a/src/share/classes/sun/security/x509/RDN.java b/src/share/classes/sun/security/x509/RDN.java
index e60e2e8435449ee5b2d5e9e636bfd3af5a5a18fc..9eb60681fa5936fba9e99ddd6acfacc14682deff 100644
--- a/src/share/classes/sun/security/x509/RDN.java
+++ b/src/share/classes/sun/security/x509/RDN.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -343,7 +343,7 @@ public class RDN {
/*
* Returns a printable form of this RDN, using RFC 1779 style catenation
* of attribute/value assertions, and emitting attribute type keywords
- * from RFCs 1779, 2253, and 3280.
+ * from RFCs 1779, 2253, and 5280.
*/
public String toString() {
if (assertion.length == 1) {
diff --git a/src/share/classes/sun/security/x509/README b/src/share/classes/sun/security/x509/README
index 31a129186599297242b38aec1023ba2c0ba1fdad..f18a37352398babe1c7312beaf1a0193fd4a731c 100644
--- a/src/share/classes/sun/security/x509/README
+++ b/src/share/classes/sun/security/x509/README
@@ -34,7 +34,7 @@ found in:
Protocol (LDAP) that many organizations are expecting will help
address online certificate distribution over the Internet.
- RFC 3280, which describes the Internet X.509 Public Key
+ RFC 5280, which describes the Internet X.509 Public Key
Infrastructure Certificate and CRL Profile.
RSA DSI has a bunch of "Public Key Cryptography Standards" (PKCS) which
diff --git a/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java b/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java
index e1a0bc2611468ef4b2b65b667219de99d99602dd..29d60eff84e04cea95f1245a08661c17587817f4 100644
--- a/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java
+++ b/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -48,7 +48,7 @@ import sun.security.util.DerValue;
* included in end entity or CA certificates. Conforming CAs MUST mark
* this extension as non-critical.
*
- * This extension is defined in
+ * This extension is defined in
* Internet X.509 PKI Certificate and Certificate Revocation List
* (CRL) Profile. The profile permits
* the extension to be included in end-entity or CA certificates,
diff --git a/src/share/classes/sun/security/x509/URIName.java b/src/share/classes/sun/security/x509/URIName.java
index 3c5b523b5f07414ca32b9051d89ac3535066e65e..2d2cafd21ec553d38bb6d381154a7f8d51cde55a 100644
--- a/src/share/classes/sun/security/x509/URIName.java
+++ b/src/share/classes/sun/security/x509/URIName.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -35,15 +35,15 @@ import sun.security.util.*;
* This class implements the URIName as required by the GeneralNames
* ASN.1 object.
*
- * [RFC3280] When the subjectAltName extension contains a URI, the name MUST be
+ * [RFC5280] When the subjectAltName extension contains a URI, the name MUST be
* stored in the uniformResourceIdentifier (an IA5String). The name MUST
* be a non-relative URL, and MUST follow the URL syntax and encoding
- * rules specified in [RFC 1738]. The name must include both a scheme
+ * rules specified in [RFC 3986]. The name must include both a scheme
* (e.g., "http" or "ftp") and a scheme-specific-part. The scheme-
* specific-part must include a fully qualified domain name or IP
* address as the host.
*
- * As specified in [RFC 1738], the scheme name is not case-sensitive
+ * As specified in [RFC 3986], the scheme name is not case-sensitive
* (e.g., "http" is equivalent to "HTTP"). The host part is also not
* case-sensitive, but other components of the scheme-specific-part may
* be case-sensitive. When comparing URIs, conforming implementations
@@ -113,7 +113,7 @@ public class URIName implements GeneralNameInterface {
}
host = uri.getHost();
- // RFC 3280 says that the host should be non-null, but we allow it to
+ // RFC 5280 says that the host should be non-null, but we allow it to
// be null because some widely deployed certificates contain CDP
// extensions with URIs that have no hostname (see bugs 4802236 and
// 5107944).
@@ -148,7 +148,7 @@ public class URIName implements GeneralNameInterface {
/**
* Create the URIName object with the specified name constraint. URI
* name constraints syntax is different than SubjectAltNames, etc. See
- * 4.2.1.11 of RFC 3280.
+ * 4.2.1.10 of RFC 5280.
*
* @param value the URI name constraint
* @throws IOException if name is not a proper URI name constraint
@@ -300,7 +300,7 @@ public class URIName implements GeneralNameInterface {
* These results are used in checking NameConstraints during
* certification path verification.
*
- * RFC3280: For URIs, the constraint applies to the host part of the name.
+ * RFC5280: For URIs, the constraint applies to the host part of the name.
* The constraint may specify a host or a domain. Examples would be
* "foo.bar.com"; and ".xyz.com". When the the constraint begins with
* a period, it may be expanded with one or more subdomains. That is,
diff --git a/src/share/classes/sun/security/x509/X500Name.java b/src/share/classes/sun/security/x509/X500Name.java
index 447395c503faf860527e2e1f8f84320c501ed4ad..8a6d93cf5239b14432347be6f48e753a98e863a6 100644
--- a/src/share/classes/sun/security/x509/X500Name.java
+++ b/src/share/classes/sun/security/x509/X500Name.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -604,7 +604,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* Returns a string form of the X.500 distinguished name.
* The format of the string is from RFC 1779. The returned string
* may contain non-standardised keywords for more readability
- * (keywords from RFCs 1779, 2253, and 3280).
+ * (keywords from RFCs 1779, 2253, and 5280).
*/
public String toString() {
if (dn == null) {
@@ -865,7 +865,7 @@ public class X500Name implements GeneralNameInterface, Principal {
* O="Sue, Grabbit and Runn" or
* O=Sue\, Grabbit and Runn
*
- * This method can parse RFC 1779, 2253 or 4514 DNs and non-standard 3280
+ * This method can parse RFC 1779, 2253 or 4514 DNs and non-standard 5280
* keywords. Additional keywords can be specified in the keyword/OID map.
*/
private void parseDN(String input, Map
* The ASN.1 definition of tbsCertList
is:
diff --git a/src/share/classes/sun/security/x509/X509CertInfo.java b/src/share/classes/sun/security/x509/X509CertInfo.java
index b7f2dd85bcd108a6543c76ca202caf657bad5336..fa64e9d0fc219ab12435649675f9a5a198d499b9 100644
--- a/src/share/classes/sun/security/x509/X509CertInfo.java
+++ b/src/share/classes/sun/security/x509/X509CertInfo.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -708,7 +708,7 @@ public class X509CertInfo implements CertAttrSet