Fwd: Re: Update: JEP 249 (OCSP Stapling for TLS)
Xuelei Fan
xuelei.fan at oracle.com
Sun Jul 19 00:41:40 UTC 2015
Hi Jamil,
Looks fine to me. Maybe, a few implementation issues still need to be
addressed, it's OK to me if they get addressed in JDK 9 later in new bugs.
Thank you!
Thanks,
Xuelei
On 7/18/2015 3:19 AM, Jamil Nimeh wrote:
> Sorry for not being explicit about the changes that went into webrev.2,
> but I've listed them below:
>
> * The StatusResponseManager to do cache checking from the main thread
> rather than a worker thread
> * A fix in ServerHandshaker's selection of the CertStatusReqItemV2
> where I wasn't properly picking the first instance of an item type
> of "ocsp" (as opposed to ocsp_multi, which always get the first
> instance). Type ocsp_multi will still supersede ocsp types, however.
> * A spec change to ExtendedSSLSession.getStatusResponses() to clarify
> the meaning of zero-length byte arrays in the returned list.
>
> http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2
>
> Thanks,
> --Jamil
>
>>
>> On 07/11/2015 02:16 PM, Jamil Nimeh wrote:
>>> Hello all,
>>>
>>> I have an updated webrev for OCSP stapling which incorporates comments
>>> thus far and a few bug fixes and tests.
>>>
>>> webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.2
>>> JEP: https://bugs.openjdk.java.net/browse/JDK-8046321
>>>
>>> Thanks,
>>> --Jamil
>
>
>
More information about the security-dev
mailing list