Code review request, 7188658 Add possibility to disable client initiated renegotiation
Brad Wetmore
bradford.wetmore at oracle.com
Thu Jun 27 22:44:11 UTC 2013
continued, I forgot this next part.
>> ServerHandshaker.java
>> =====================
>> 283: My initial thought was a no_renegotiation(100) warning, but that
>> allows the client to decide what to do, rather than the server terminating.
>>
> No, we cannot. First of all, a warning message is not very useful because
> in general the sending party cannot know how the receiving party behaves.
> Secondly, it is the expected behavior to *reject* client initiated
> renegotiation. It is the server who should make the decision, but not
> the client.
Exactly.
>> This TLS logic decision is not straightforward, so this needs commenting.
And the above is what I wanted to see in the comments. That is, why we
don't send a no_renegotiation warning alert. It's a subtle but
important enough point that should be documented. I think we should
open a separate bug to handle this. Just a couple of lines are needed.
> I think "reject client initialized renegotiation" says it all. ;-) I
> will add words about "state != HandshakeMessage.ht_hello_request".
Different comment.
Brad