Fwd: Re: Update: JEP 249 (OCSP Stapling for TLS)

Jamil Nimeh jamil.j.nimeh at oracle.com
Fri Jul 17 19:19:21 UTC 2015


Sorry for not being explicit about the changes that went into webrev.2, 
but I've listed them below:

  * The StatusResponseManager to do cache checking from the main thread
    rather than a worker thread
  * A fix in ServerHandshaker's selection of the CertStatusReqItemV2
    where I wasn't properly picking the first instance of an item type
    of "ocsp" (as opposed to ocsp_multi, which always get the first
    instance).  Type ocsp_multi will still supersede ocsp types, however.
  * A spec change to ExtendedSSLSession.getStatusResponses() to clarify
    the meaning of zero-length byte arrays in the returned list.

http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2

Thanks,
--Jamil

>
> On 07/11/2015 02:16 PM, Jamil Nimeh wrote:
>> Hello all,
>>
>> I have an updated webrev for OCSP stapling which incorporates comments
>> thus far and a few bug fixes and tests.
>>
>> webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2
>> JEP: https://bugs.openjdk.java.net/browse/JDK-8046321
>>
>> Thanks,
>> --Jamil



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150717/2265dae7/attachment.htm>


More information about the security-dev mailing list