TLS extensions API, ALPN and HTTP 2.0
Xuelei Fan
xuelei.fan at oracle.com
Wed Jun 18 07:52:26 UTC 2014
Hi,
Thank you very much for the enhancement proposal.
It is on the radar of us for JDK 9. However, because this specification
is still in draft status, I may not consider it as a priority unless it
is accepted as the position of IEFT.
Contributions are welcome to OpenJDK community. If the enhancement is
small (less than 2 weeks of engineering effort), it can be contributed
as a patch[1]. Otherwise, better to submit as a JEP[2].
I think the best place to address this proposal is in JSSE component.
security-dev at openjdk.java.net is the alias to talk about JSSE related
issues.
Regards,
Xuelei
[1]: http://openjdk.java.net/contribute/
[2]: http://openjdk.java.net/jeps/0
On 6/18/2014 2:54 PM, Simone Bordet wrote:
> Hi,
>
> I would like to reboot a discussion around an improved TLS extensions
> API in order to support ALPN (see
> http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg), which is
> the mechanism required by HTTP 2.0 to negotiate the new version of the
> HTTP protocol.
>
> I sent a previous message hoping that such work would have been
> included in JDK 8, but it was too late, see
> http://mail.openjdk.java.net/pipermail/jdk8-dev/2013-March/002197.html.
>
> I think this needs to be addressed so that a future version of the
> Servlet specification can be implemented without requiring the hacks
> described below.
>
> Under the Jetty project, we have implemented ALPN as a set of patches
> to JDK classes, producing a jar that must be prepended to the boot
> classpath in order for ALPN to work, see
> https://www.eclipse.org/jetty/documentation/current/alpn-chapter.html.
> The downside of this is that for every JDK release the ALPN jar may
> need to be rebuilt incorporating JDK changes.
>
> While this solution works, it would be great to have a clear API in
> the JDK that would allow to do add the required TLS extension without
> requiring patched classes and boot classpath jars.
>
> I apologize if this is not the right list to ask these questions, and
> I'll be glad to be redirected to the proper list.
>
> A) Is there any plan to add a generic TLS extensions API to JDK 9 ?
> B) Is there a plan, perhaps in concert with the Servlet EG, to prepare
> to support ALPN in order to support HTTP 2.0 ?
> C) What would be the process to start the effort to add a TLS
> extensions API to the JDK ? Start a new JEP ?
>
> Thanks !
>
More information about the jdk9-dev
mailing list