Fwd: Re: Update: JEP 249 (OCSP Stapling for TLS)
Jamil Nimeh
jamil.j.nimeh at oracle.com
Fri Jul 17 19:19:21 UTC 2015
Sorry for not being explicit about the changes that went into webrev.2,
but I've listed them below:
* The StatusResponseManager to do cache checking from the main thread
rather than a worker thread
* A fix in ServerHandshaker's selection of the CertStatusReqItemV2
where I wasn't properly picking the first instance of an item type
of "ocsp" (as opposed to ocsp_multi, which always get the first
instance). Type ocsp_multi will still supersede ocsp types, however.
* A spec change to ExtendedSSLSession.getStatusResponses() to clarify
the meaning of zero-length byte arrays in the returned list.
http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2
Thanks,
--Jamil
>
> On 07/11/2015 02:16 PM, Jamil Nimeh wrote:
>> Hello all,
>>
>> I have an updated webrev for OCSP stapling which incorporates comments
>> thus far and a few bug fixes and tests.
>>
>> webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2
>> JEP: https://bugs.openjdk.java.net/browse/JDK-8046321
>>
>> Thanks,
>> --Jamil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150717/2265dae7/attachment.htm>
More information about the security-dev
mailing list