RFR: 8279842: HTTPS Channel Binding support for Java GSS/Kerberos
prasad-bit
duke at openjdk.java.net
Mon Jan 17 05:29:32 UTC 2022
On Sat, 15 Jan 2022 00:44:08 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> It's actually a purely system property rather than a Net property at the moment (same as the other spnego ones). Maybe, I should convert them all to net properties, so they can be documented/set in that file?
>
> This system property should only be used for TLS, and the CBT can be used in both the SPNEGO mechanism and the Kerberos 5 mechanism. Therefore I suggest the name should probably contain "tls" (or maybe "https") and "negotiate".
>
> BTW, will you reuse this system property if we decide to support CBT in NTLM as well?
I vote for "jdk.https.tls.cbt"
-------------
PR: https://git.openjdk.java.net/jdk/pull/7065
More information about the core-libs-dev
mailing list