Code review request, JEP 114, 7068321 Support TLS Server Name Indication (SNI) Extension in JSSE Server

Brad Wetmore bradford.wetmore at oracle.com
Mon Oct 15 22:47:39 UTC 2012



> A server name indication extension will be sent whenever the name is
 > recognizable by the matches. I did not check for the types of
> cipher suites.  I think it is the proper approach because although for
> anonymous cipher cuties, there is not certificates, but the ssl context
> may be different, so it is still can be regarded as the server do something
 > different related to the specified SNI.

True!

> According to effective java,

Item 15?  It doesn't specifically talk about final methods, but I think 
I see where you are coming from since this class was originally non-final.

 > I would prefer to use final keyword for
 > the new methods.  I did not see clear requirements that customers
 > need to override the methods. So I would like a stricter restriction
 > for the new methods in case of any mis-use. Does it make sense to you?

Yes.  I can't really think of why not, other than for potential 
extendability.

Brad





More information about the security-dev mailing list