Code review request, 7188658 Add possibility to disable client initiated renegotiation

Brad Wetmore bradford.wetmore at oracle.com
Thu Jun 27 22:44:11 UTC 2013


continued, I forgot this next part.

>> ServerHandshaker.java
>> =====================
>> 283:  My initial thought was a no_renegotiation(100) warning, but that
>> allows the client to decide what to do, rather than the server terminating.
>>
> No, we cannot.  First of all, warning message is not very useful because
> in general the sending party cannot know how the receiving party behave.
>   Secondly, it is the expected behavior to *reject" client initiated
> renegotiation. It is the server who should make the decision, but not
> the client.

Exactly.

>> This TLS logic decision is not straightforward, so this needs commenting.

And the above is what I wanted to see in the comments.  That is, why we 
don't send a no_renegotiation warning alert.  It's a subtle but 
important enough point that should be documented.  I think we should 
open a separate bug to handle this.  Just a couple of lines are needed.

> I think "reject client initialized renegotiation" has say all. ;-) I
> will add words about "state != HandshakeMessage.ht_hello_request".

Different comment.

Brad




More information about the security-dev mailing list