Code review request: 7113275, compatibility issue with MD2 trust anchor and old X509TrustManager
Xuelei Fan
xuelei.fan at oracle.com
Wed Nov 23 12:50:27 UTC 2011
Thanks for the review.
> I think a better approach would be to add check{Client,Server}Trusted methods
> that return a result. For example, something like (I believe that changing the
> X509Certificate[] parameter allows us to overload the method with a different
> return type):
>
> public TrustManagerResult checkClientTrusted(CertPath chain, String authType,
> Socket socket) ...
>
> public interface TrustManagerResult {
> public TrustAnchor getTrustAnchor();
> }
>
> public interface CertPathTrustManagerResult extends TrustManagerResult {
> public CertPathValidatorResult getCertPathValidatorResult();
> }
>
It looks a little overwhelm to create a new series of methods.
Applications will have to comply to the new methods, as might be not
what we are expecting.
But it's really useful when the server sends a partial certification
path, and the trust manager will build a full certification path. So
return a full certification path, or the trust anchor is useful for
application, such as java plugin.
TLS extensions spec (RFC 6066) defines OCSP status request extension and
client certificate URLs extension. It may be a good time to consider the
enhancement while implementing the above two extensions, as may need to
update the existing trust manager methods.
Thanks,
Xuelei
More information about the security-dev
mailing list