Review Request of JDK Enhancement Proposal: DTLS

Christos Zoulas christos at zoulas.com
Sat Mar 22 15:30:28 UTC 2014


On Mar 21, 11:48pm, mhall at mhcomputing.net (Matthew Hall) wrote:
-- Subject: Re: Review Request of JDK Enhancement Proposal: DTLS

| The following bug and source code [1] are present in OpenSSL:
| 
| http://rt.openssl.org/Ticket/Display.html?id=1929

This link is not public. Can you post a summary?

| I think something similar could be done in the JDK, by making some tweaks to 
| the SocketOptions classes to expose some more options. I'm pretty sure 
| something relating to this will work in POSIX JDK for Linux, Solaris, OS X, 
| but not sure what different magic would be needed for Windows.
| 
| Then there could be some kind of way to generate the right discovery 
| datagrams, figure out the result, and feed it to the DTLSEngine for 
| packetization purposes.
| 
| Also, there is some DTLS capability in Bouncy Castle, we could see what they 
| allow in terms of packetization as well, though I doubt they'll have what 
| OpenSSL has, since IP_MTU_DISCOVER is probably not available to them either.
| 
| I am glad you guys are working on this... I already have some use cases in 
| mind for it! :-D

So what happens on !linux?

christos
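
Added example, not part of the original message and not OpenSSL or JDK code: one way to read the kernel's path-MTU estimate with the IP_MTU_DISCOVER and IP_MTU socket options on Linux, and to size a DTLS record from it. The function names, the 576-byte fallback used where the options do not exist, and the caller-supplied cipher overhead are assumptions.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define HDRS (20 + 8 + 13) /* IPv4 (no options) + UDP + DTLS 1.0/1.2 record header */
#define FALLBACK_MTU 576   /* assumption: conservative value when the kernel cannot be asked */
/* Kernel's current path-MTU estimate to an IPv4 peer, or -1 if it is unavailable. */
int path_mtu_ipv4(const char *ip, unsigned short port)
{
#if defined(__linux__) && defined(IP_MTU_DISCOVER) && defined(IP_MTU)
    struct sockaddr_in peer;
    int fd, mtu = -1, mode = IP_PMTUDISC_DO; /* always set DF, never fragment locally */
    socklen_t len = sizeof(mtu);
    memset(&peer, 0, sizeof(peer));
    peer.sin_family = AF_INET;
    peer.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &peer.sin_addr) != 1)
        return -1;
    if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
        return -1;
    /* IP_MTU can only be read on a connected socket; connect() on UDP sends nothing. */
    if (setsockopt(fd, IPPROTO_IP, IP_MTU_DISCOVER, &mode, sizeof(mode)) < 0 ||
        connect(fd, (struct sockaddr *)&peer, sizeof(peer)) < 0 ||
        getsockopt(fd, IPPROTO_IP, IP_MTU, &mtu, &len) < 0)
        mtu = -1;
    close(fd);
    return mtu;
#else
    (void)ip; (void)port; /* no equivalent option assumed on this platform */
    return -1;
#endif
}

/* Largest DTLS record body that fits one unfragmented datagram.
 * cipher_overhead (MAC, padding, explicit IV) depends on the suite; the caller supplies it. */
int dtls_max_record_body(int path_mtu, int cipher_overhead)
{
    int room = (path_mtu > 0 ? path_mtu : FALLBACK_MTU) - HDRS - cipher_overhead;
    return room > 0 ? room : 0;
}

int main(void)
{
    int mtu = path_mtu_ipv4("127.0.0.1", 4433); /* constructed peer: loopback */
    printf("path MTU %d, DTLS record body limit %d\n", mtu, dtls_max_record_body(mtu, 0));
    return 0;
}
```

The value returned by IP_MTU is only the kernel's cached estimate; it shrinks after an ICMP "fragmentation needed" arrives, so a sender has to re-read it when a send fails with EMSGSIZE.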


