[JEP-219/JDK-8043758] Code Review Request: Datagram Transport Layer Security (DTLS)
Weijun Wang
weijun.wang at oracle.com
Wed May 27 10:46:29 UTC 2015
There are several places you write
// DTLS bans stream ciphers.
if (suite.cipher.cipherType == CipherType.STREAM_CIPHER) {
return true;
}
According to rfc6347
4.1.2.5. New Cipher Suites
Upon registration, new TLS cipher suites MUST indicate whether they
are suitable for DTLS usage and what, if any, adaptations must be
made (see Section 7 for IANA considerations).
Is it better to add a suitableForDTLS() method to CipherSuite? You can
choose a better name.
In CipherSuite.java, there are
// obsoleted since protocol version
final int obsoleted;
// supported since protocol version
final int supported;
You might want to add a comment that the version must uses TLS versions
(not DTLS versions).
--Max
On 5/21/2015 9:25 AM, Xuelei Fan wrote:
> Hi,
>
> Please review DTLS implementation [JEP-219/JDK-8043758]:
>
> webrev: http://cr.openjdk.java.net/~xuelei/8043758/webrev.latest/
> JBS: https://bugs.openjdk.java.net/browse/JDK-8043758
>
> I would greatly appreciate it if you could send me feedback on or before
> May 28, 2015.
>
> Thanks & Regards,
> Xuelei Fan
>
More information about the security-dev
mailing list