Review Request of JDK Enhancement Proposal: DTLS

Matthew Hall mhall at mhcomputing.net
Fri Mar 21 00:28:29 UTC 2014


On Fri, Mar 21, 2014 at 06:58:50AM +0800, Xuelei Fan wrote:
> here. Although MTU is not PMTU, but it is normally "correct".

I would state, not "normally correct", but "frequently correct".

In case of IPSEC, SSL VPN, IPv6, GRE, etc. this will not be true. Many of 
these are used for Site-to-Site VPN, which will appear often in the context of 
RTP packets and SRTP packets, which happen to travel over VPNs.

> It would be great if there is PMTU discovery API in Java, which can
> simplify the implementation of DTLS.

Without it, I think there will be a lot of odd bugs occurring.

Matthew.



More information about the security-dev mailing list