Proposal: ALPN and RSASSA-PSS APIs for Java SE 8 and JDK 8

Iris Clark iris.clark at oracle.com
Wed Nov 6 21:54:18 UTC 2019


The TLS 1.3 protocol is rapidly gaining adoption on the Internet, and thus is
important even for legacy applications running on JDK 8.

Backporting TLS 1.3 to JDK 8 would not, of itself, require API changes, but
API changes are required in order to backport two technologies necessary for
TLS 1.3, ALPN [1] and RSASSA-PSS [2]:

  - The TLS ALPN (Application-Layer Protocol Negotiation) extension was added
    to Java SE 9 with JEP 244 (TLS Application-Layer Protocol Negotiation
    Extension (ALPN)) [3].  It allows negotiation of an application-layer
    protocol value during the TLS handshake which may be used during the
    selection of other TLS protocol parameters.  HTTP/2 [4] and other modern
    network protocols use ALPN. [5,6]

  - Support for the RSASSA-PSS (RSA Signature Scheme with Appendix --
    Probabilistic Signature Scheme) algorithm was added to Java SE 11.  It is
    a cryptographic signature scheme used for secure data transmission which
    was initially standardized as part of PKCS#1 v2.1 [7].  An API is
    necessary to enable third-party provider support. [8,9]

To enable efforts to backport TLS 1.3 to JDK 8, I'll shortly propose a
Maintenance Release of the Java SE 8 Platform JSR [0] in the JCP to backport
the ALPN and RSASSA-PSS APIs.  This will require updates to the Specification,
the Reference Implementation (RI), and the TCK, which I and my colleagues at
Oracle will provide.  I expect the Maintenance Release process to complete by
February 2020, in time for these changes to be merged into the April security
releases of JDK 8.

In order to reduce risk we'd like to base the open-source RI on OpenJDK 8u40
[10], the RI for the previous two Maintenance Releases, rather than the most
recent OpenJDK 8 update release.  We propose to name this "8u41," which is a
bit odd but does convey the special nature of any RI build: It's not meant for
production use, since it's never updated with security fixes.

If it's not too much work then we'll also contribute the changes required by
the MR to the next appropriate OpenJDK 8 release, most likely 8u252.  We do
not plan to contribute a backport of TLS 1.3 to OpenJDK 8.

Comments?

Iris

[0]: https://openjdk.java.net/projects/jdk8/spec/
[1]: https://bugs.openjdk.java.net/browse/JDK-8230977
[2]: https://bugs.openjdk.java.net/browse/JDK-8230978
[3]: https://openjdk.java.net/jeps/244
[4]: https://tools.ietf.org/html/rfc7540
[5]: https://bugs.openjdk.java.net/browse/JDK-8144093
[6]: https://bugs.openjdk.java.net/browse/JDK-8170282
[7]: https://tools.ietf.org/html/rfc3447
[8]: https://bugs.openjdk.java.net/browse/JDK-8190180
[9]: https://bugs.openjdk.java.net/browse/JDK-8206864
[10]: https://hg.openjdk.java.net/jdk8u/jdk8u40
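
The following is an added example, not part of the original message or of any OpenJDK code: it probes whether a runtime exposes the two APIs the proposal describes, configures an ALPN offer, and does an RSASSA-PSS sign/verify round trip. The class name, the protocol list and the PSS parameters are assumptions chosen for illustration, and the source must be compiled on a JDK that already has the ALPN methods.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import javax.net.ssl.*;

public class Tls13ApiProbe {   // hypothetical class name
    // True when the ALPN methods introduced in Java SE 9 exist on this runtime.
    static boolean hasAlpnApi() {
        try {
            SSLParameters.class.getMethod("setApplicationProtocols", String[].class);
            SSLEngine.class.getMethod("getApplicationProtocol");
            return true;
        } catch (NoSuchMethodException e) {
            return false;
        }
    }

    // Signs and verifies a constructed message with RSASSA-PSS.
    // Throws NoSuchAlgorithmException when no installed provider offers the algorithm.
    static boolean pssRoundTrip() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        // Assumed parameters: SHA-256 digest, MGF1 with SHA-256, 32-byte salt, trailer field 1
        PSSParameterSpec spec =
            new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1);
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("RSASSA-PSS");
        signer.setParameter(spec);
        signer.initSign(kp.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("RSASSA-PSS");
        verifier.setParameter(spec);
        verifier.initVerify(kp.getPublic());
        verifier.update(msg);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        if (hasAlpnApi()) {
            SSLEngine engine = SSLContext.getDefault().createSSLEngine();
            SSLParameters params = engine.getSSLParameters();
            params.setApplicationProtocols(new String[] {"h2", "http/1.1"}); // sample offer
            engine.setSSLParameters(params);
            System.out.println("ALPN offer configured: h2, http/1.1");
        } else {
            System.out.println("ALPN API missing on this runtime");
        }
        System.out.println("RSASSA-PSS round trip: " + pssRoundTrip());
    }
}
```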

