Review Request of JDK Enhancement Proposal: DTLS

Xuelei Fan at
Thu Mar 20 00:50:27 UTC 2014

PMTU is a key point of the design.  I was wondering to expose this
application layer as a configurable parameter.  If it is too big (or not
configured), DTLSEngine(let call it temporarily) will downgrade the size
automatically, just as the previous messages get lost.

It's good point that need a separate spec to determine the PMTU. I will
see what we can do here.


On 3/20/2014 8:31 AM, Matthew Hall wrote:
> Xuelei,
> Is there an existing method for determining valid PMTU from inside of Java? If 
> not then supplying correct segment size to whatever DTLSEngine (or however 
> it's named) class would be non-trivial and could require native code.
> If there is not such support, then a separate spec would be needed to add that 
> support, before it would be possible to get the new DTLS support to work very 
> reliably.
> Matthew.
> On Thu, Mar 20, 2014 at 07:19:06AM +0800, Xuelei Fan wrote:
>> Hi,
>> Please review the JDK Enhancement Proposal, Support Datagram Transport
>> Layer Security (DTLS) version 1.0 (RFC 4347) and 1.2 (RFC 6347) in the
>> JSSE API and the SunJSSE security provider. Detailed, please refer to
>> the draft JEP:
>> Feel free to make comment and send your feedback to the alias.
>> Thanks,
>> Xuelei

More information about the security-dev mailing list