JSSE patches for HonorCipherOrder and preventing client-initiated renegotiations

Xuelei Fan Xuelei.Fan at Oracle.Com
Sat Mar 24 16:28:07 PDT 2012


Hi Neal,

Thanks for your proposal to enrich the JSSE implementation.

Before we talk more about your contribution, I want to know, did you sign the Oracle Contributor Agreement (OCA)?   Like many other open-source communities, the OpenJDK Community requires contributors to jointly assign their copyright on contributed code. If you haven't yet signed the Oracle Contributor Agreement (OCA), please read the doc, http://openjdk.java.net/contribute/ or other legal issues in http://openjdk.java.net/legal/.

Regards,
Xuelei Fan

On Mar 24, 2012, at 2:19 PM, Neale Rudd <neale at metawerx.net> wrote:

> Hi Guys,
>  
> Just joined the list, nice to meet you.
>  
> I have developed two changes for JSSE which add the ability to use an HonorCipherOrder feature (an option in openssl) and to prevent client-initiated renegotiations (like openssl does now by default).
>  
> These work fine in my local tests and on the ssllabs test.
>  
> I've submitted patches for Tomcat before, but I'm new to contributing to openjdk.  Therefore, I am interested in teaming up with 1 or more other developers to sponsor me, offer relevant advice, review these patches and develop the corresponding unit tests.
>  
> If you would like to team up on these two, please contact me.
>  
> Best Regards,
> Neale Rudd
>  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20120325/9ce4f227/attachment.html 


More information about the security-dev mailing list