Ade:
This looks good but I have a question.
Looking at the function you added:
private static boolean importRequired(ArrayList<String> masterList, String nickname)
{
+ if (masterList.contains(nickname))
+ return true;
+ try {
+ X500Name xname = new X500Name(nickname);
+ for (String key: masterList) {
+ try {
+ X500Name xkey = new X500Name(key);
+ if (xkey.equals(xname)) return true;
+ } catch (IOException e) {
+ // xkey not an X500Name
+ }
+ }
+
+ } catch (IOException e) {
+ // nickname is not a x500Name
+ return false;
+ }
+ return false;
+ }
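Review bot: the X500Name loop that follows the masterList.contains(nickname) check has no comment saying when it can match after the string test has failed, and the empty inner catch (IOException e) hides which keys were skipped. Add a one-line comment above the outer try stating the case the second pass covers. The return false inside the outer catch duplicates the final return false and can be dropped. Every call also re-parses each key with new X500Name(key); parsing the master list once would avoid that if the method runs once per nickname.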
It looks like the top of this function does a String comparison just like the code you had
in there but commented out already:
if (masterList.contains(nickname))
+ return true;
As I understand the List contains method calls the equals method of the objects involved.
Subsequently it looks like you rifle through the whole list and do a comparison between
X500Name objects, which represent distinguished names.
Why is this done? There are cases where the DNs are equivalent but their raw Strings
may differ?
thanks,
jack
----- Original Message -----
From: "Ade Lee" <alee(a)redhat.com>
To: pki-devel(a)redhat.com
Sent: Wednesday, June 26, 2013 11:28:42 AM
Subject: [Pki-devel] [PATCH] 0134-Make-sure-only-the-master-keys-and-certs-are-imported
Make sure only the master keys and certs are imported.
The key import code was written for when there was only one
subsystem per tomcat instance, and only one subsystem's certs
and keys per p12 file. We need to ensure that only the master's
subsystem keys and certs are imported. Otherwise, unpredictable
behavior happens, like in Ticket 665.
Please review,
Thanks,
Ade
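
The case raised in the reply above, distinguished names that are equivalent while their raw strings differ, shown as an added example that is not part of the patch or the thread. It assumes the JDK's javax.security.auth.x500.X500Principal in place of the X500Name class used in the patch; the helper name inMasterList and all sample values are constructed.

```java
import java.util.List;
import javax.security.auth.x500.X500Principal;

public class DnMatchDemo {
    // Hypothetical helper (not the patch's method): exact string match first,
    // then a match on the parsed distinguished name.
    static boolean inMasterList(List<String> masterList, String nickname) {
        if (masterList.contains(nickname)) {
            return true;
        }
        X500Principal wanted;
        try {
            wanted = new X500Principal(nickname);
        } catch (IllegalArgumentException e) {
            return false; // not a DN, so only the string test applies
        }
        for (String key : masterList) {
            try {
                if (new X500Principal(key).equals(wanted)) {
                    return true;
                }
            } catch (IllegalArgumentException e) {
                // this entry is a plain nickname, not a DN; skip it
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from a real deployment.
        List<String> master = List.of(
            "master-signing-cert",
            "CN=Subsystem Certificate, O=EXAMPLE");
        String[] candidates = {
            "CN=Subsystem Certificate, O=EXAMPLE",  // identical string
            "cn=subsystem certificate,o=example",   // same DN, different text
            "CN=Subsystem Certificate, O=OTHER",    // different DN
            "clone-signing-cert"                    // plain nickname, not listed
        };
        for (String c : candidates) {
            System.out.printf("%-40s string=%b dn-aware=%b%n",
                c, master.contains(c), inMasterList(master, c));
        }
    }
}
```

X500Principal.equals compares the canonical forms of the two names, so the second candidate matches despite the different case and spacing, while the third, with a different O value, does not.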