[8u] TLSv1.3 RFR: 8245476: Disable TLSv1.3 protocol in the ClientHello message by default
Alexey Bakhtin
alexey at azul.com
Tue Jul 21 11:50:36 UTC 2020
Hi Martin,
You are right. It could be much simple with original method signatures.
The updated patch : http://cr.openjdk.java.net/~abakhtin/tls1.3/8245466/8245476/webrev.v2/
Thank you
Alexey
> On 21 Jul 2020, at 02:06, Martin Balao <mbalao at redhat.com> wrote:
>
> Hi Alexey,
>
> On 7/16/20 7:25 AM, Alexey Bakhtin wrote:
>> TLSv1.3, 1.2 and 1.1 contexts are different because of we selected highest protocol explicitly, so return cipher suites for these protocol set only.
>> My approach requires less configuration from application point of view.
>> However you are right, this approach could be also misleading if default cipher and protocol set not match each other.
>>
>> Updated webrev at : http://cr.openjdk.java.net/~abakhtin/tls1.3/8245466/8245476/webrev.v1/
>
> Thanks for your new proposal.
>
> Can we keep the CustomizedTLSContext::customizedProtocols and
> CustomizedTLSContext::getProtocols signatures?
>
> Looks to me that 'getProtocols' was intended for clients to avoid the
> SSL20Hello protocol, as servers use the inherited
> 'getSupportedProtocols'. The name is a bit of a misnomer, though. The
> 'isDefault' parameter, on the other hand, does not add much information
> to me as these are default values anyways.
>
> Thanks,
> Martin.-
>
More information about the jdk8u-dev
mailing list