There should be a way to reorder the JSSE ciphers
Matthew Hall
mhall at mhcomputing.net
Wed Aug 7 16:32:38 UTC 2013
On Wed, Aug 07, 2013 at 03:18:02PM +0800, Xuelei Fan wrote:
> hard-coded? I did not catch the idea. It was proposed to define a new
> method:
>
> SSLParameters.setUseCipherSuitesOrder(boolean on);
>
> I was considering to use enum as Sean suggested. Both String and
> integer is not accept to me because they are pretty easy to get used
> incorrectly.
What happens when another kind of flag is needed, such as
UseClientSniExtension, or who knows what other thing?
This Boolean approach doesn't allow introducing new flags when experimenting
or trying to support new RFCs. That's all we are saying when calling this
hard-coded.
Matthew.
More information about the security-dev
mailing list