[Update]: JEP 249 (OCSP Stapling for TLS)
Xuelei Fan
xuelei.fan at oracle.com
Wed Jul 1 01:04:07 UTC 2015
On 7/1/2015 6:39 AM, Jamil Nimeh wrote:
>> src/java.base/share/classes/sun/security/ssl/HandshakeMessage.java
>> ==================================================================
>> line 713/714, 730/731 throws SSLHandshakeException for extension
>> constructor in server side. That's unlikely to happen, I think. I was
>> wondering, if CertificateStatus cannot be constructed, the server may
>> not want to send the message, rather than terminate the connection
>> immediately.
> I think you're right. While the exception is unlikely, I'd like to have
> the HandshakeMessage throw the exception if something bad happens. I do
> however, agree that we shouldn't make it a fatal error. I'll catch the
> exception in ServerHandshaker, log it, and just not send the message as
> you suggested since that is legal. OK?
I have not read the server side implementation. I would like firstly
check whether the message should be delivered, and than new the
instance. Exception catching is not performance friendly, and looks a
little bit not-straightforward. I think you may want a static method
for the validity checking in CertificateStatus class, instead.
It's OK to throw exception if something bad happens. For easy reading,
please have a comment that it is unlikely to happen if you keep the
throw exception blocks.
Thanks,
Xuelei
More information about the security-dev
mailing list