RFR: JEP 249 (OCSP Stapling for TLS)

Jamil Nimeh jamil.j.nimeh at oracle.com
Fri Jun 19 00:27:12 UTC 2015


Hello all,

I have a first cut at the OCSP stapling webrev posted for your review:

JEP: https://bugs.openjdk.java.net/browse/JDK-8046321
Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8046321/webrev.0/

A couple items to note:

  * I'm in the process of updating the JEP with some more details.  I
    should be done with these changes by tonight (PDT).
  * Missing are some of the TLS end-to-end tests.  These tests have been
    coded and run outside the jtreg framework, but for some reason
    things hang in jtreg.  I've included some of the supporting classes
    that these tests will use (CertificateBuilder.java and
    SimpleOCSPResponder.java) so folks could review those if they're
    interested.  I will update the webrev and notify the list as soon as
    I've got the tests working in jtreg.

Thanks to everyone who has helped along the way.

--Jamil


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150618/17402d4d/attachment.htm>


More information about the security-dev mailing list