[JDK 8] Code review request 7188657, There should be a way to reorder the JSSE ciphers
Florian Weimer
fweimer at redhat.com
Wed Aug 28 09:57:56 UTC 2013
On 08/28/2013 11:02 AM, Xuelei Fan wrote:
> Hi,
>
> Please review this update to support cipher suites reorder:
>
> webrev: http://cr.openjdk.java.net/~xuelei/7188657/webrev.00/
>
> Two new methods are added to SSLParameters:
> public final void setUseCipherSuitesOrder(boolean honorOrder);
> public final boolean getUseCipherSuitesOrder();
>
> If SSLParameters.getUseCipherSuitesOrder() return true, the local cipher
> suites order returned in SSLParameters.getCipherSuites() should be
> honored during SSL/TLS handshaking.
The documentation should say this parameter only applies to the server
side because that's the party that picks the cipher suite.
I wonder if an enum (with members LOCAL and PEER, and perhaps
UNSPECIFIED) would be more appropriate than a boolean flag.
--
Florian Weimer / Red Hat Product Security Team
More information about the security-dev
mailing list