RFR: 8279842: HTTPS Channel Binding support for Java GSS/Kerberos
Michael McMahon
michaelm at openjdk.java.net
Wed Jan 19 15:40:36 UTC 2022
On Sat, 15 Jan 2022 14:02:15 GMT, Michael Osipov <duke at openjdk.java.net> wrote:
>> I suggest moving the `TlsChannelBinding` class into `java.base/sun.security.util` since it's not only used by LDAP anymore. It's even not restricted to GSS-API. According to https://www.rfc-editor.org/rfc/rfc5056, "Although inspired by and derived from the GSS-API, the notion of channel binding described herein is not at all limited to use by GSS-API applications".
>>
>> If so, you might need to modify the types of exceptions thrown in the class, and move the 2 final strings to some other class inside `java.security.sasl`.
>
> Seems like `com.sun.jndi.ldap.sasl.TlsChannelBinding` is not misplaced....
Okay, I'll look at doing this refactoring.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7065
More information about the core-libs-dev
mailing list