RFR[8u41]: MR 3 - ALPN & RSASSA-PSS in Java SE 8
Bradford Wetmore
bradford.wetmore at oracle.com
Thu Nov 21 07:02:45 UTC 2019
Andrew,
On second thought, we will use the jdk8u-fix-request as requested.
Thanks for pointing this out.
I've added the relevant tags and comments, can you or Andrew Haley
please approve?
ALPN: https://bugs.openjdk.java.net/browse/JDK-8230977
PSS: https://bugs.openjdk.java.net/browse/JDK-8230978
Brad
On 11/20/2019 3:48 PM, Bradford Wetmore wrote:
> Hi Andrew,
>
> There are two phases for the MR:
>
> 1. We must show the API/changes are implementable by providing a
> Reference Implementation (RI) and corresponding TCK tests. These
> codereviews are for the RI.
>
> 2. From Iris' email [1]:
>
> If it's not too much work then we'll also contribute the changes
> required by the MR to the next appropriate OpenJDK 8 release, most
> likely 8u252...
>
> If we can contribute these changes to OpenJDK, we will use the
> jdk8u-fix-request label at that time.
>
> >>
> >> [4] https://bugs.openjdk.java.net/browse/JDK-8233417
>
> >> [6] https://bugs.openjdk.java.net/browse/JDK-8233418
> >> [7] http://hg.openjdk.java.net/jdk8u/jdk8u41/
> >>
> >
> > It's not clear which bug IDs these two webrevs apply to.
>
> ALPN: https://bugs.openjdk.java.net/browse/JDK-8230977
> PSS: https://bugs.openjdk.java.net/browse/JDK-8230978
>
> Thanks,
>
> Brad
>
> [1]
> https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010573.html
>
>
>
> On 11/18/2019 5:28 PM, Andrew John Hughes wrote:
>>
>>
>> On 14/11/2019 02:05, Bradford Wetmore wrote:
>>> Xuelei/Valerie (+ any other codereviewers),
>>>
>>> As announced on jdk8u-dev[1], there is a Maintenance Release in
>>> progress
>>> for Java SE 8 (i.e. JSR 337) [2] to include two security features
>>> important for TLS 1.3:
>>>
>>> 1. Application-Layer Protocol Negotiation (ALPN) [3][4]
>>> 2. RSA Signature Scheme with Appendix: Probabilistic Signature Scheme
>>> (RSASSA-PSS) [5][6]
>>>
>>> The Enhancement and CSR IDs are footnoted above/below.
>>>
>>> To ensure compatibility across the active Java releases, we are
>>> backporting the APIs introduced in Java SE 9 and 11 respectively to
>>> Java
>>> SE 8.
>>>
>>> This email is a Request For Review (RFR) of the two major pieces for
>>> this MR:
>>>
>>> 1. ALPN:
>>> http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/ALPN
>>>
>>> 2. RSASSA-PSS:
>>> http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/PSS
>>>
>>> This includes the updates to the Specification and Reference
>>> Implementation (RI), which will be called JDK 8u41 [7].
>>>
>>> Almost all of these changes are direct copies of the changesets applied
>>> in JDK 9+.
>>>
>>> In addition to these features:
>>>
>>> 1. The file ADDITIONAL_LICENSE_INFO was added, which is identical to
>>> the same file in later releases.
>>>
>>> 2. Truncated MessageDigests (i.e. SHA-512/224, SHA-512/256) were added
>>> to the SUN Provider to support the corresponding truncated RSASSA-PSS
>>> Signatures.
>>>
>>> Thanks,
>>>
>>> Brad
>>>
>>> [1]
>>> https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010573.html
>>>
>>> [2] https://www.jcp.org/en/jsr/detail?id=337
>>> [3] https://bugs.openjdk.java.net/browse/JDK-8230977
>>> [4] https://bugs.openjdk.java.net/browse/JDK-8233417
>>> [5] https://bugs.openjdk.java.net/browse/JDK-8230978
>>> [6] https://bugs.openjdk.java.net/browse/JDK-8233418
>>> [7] http://hg.openjdk.java.net/jdk8u/jdk8u41/
>>>
>>
>> It's not clear which bug IDs these two webrevs apply to.
>>
>> Note that changes for OpenJDK 8u require approval using the
>> jdk8u-fix-request label, as described at
>> https://wiki.openjdk.java.net/display/jdk8u/Main.
>>
>> Thanks,
>>
More information about the jdk8u-dev
mailing list