Code Review Request, 8136442 Don't tie Certificate signature algorithms to ciphersuites

Sean Mullan sean.mullan at oracle.com
Mon Nov 30 12:45:10 UTC 2015


You should change the comment above the calls to setupPrivateKeyAndChain 
as it still reflects the previous behavior. Also, should this change 
only be applicable to TLS 1.2?

--Sean

On 11/29/2015 08:55 AM, Xuelei Fan wrote:
> Hi,
>
> Please review the fix for JDK-8136442:
>
>     http://cr.openjdk.java.net/~xuelei/8136442/webrev.00/
>
> This update is proposing to remove the certificate signature algorithm
> restrictions on cipher suites.
>
> Per TLS ECC spec [section 5.3, RFC 4492],
>
>     ECDHE_ECDSA Certificate MUST contain an ECDSA-capable public key.
>                 It MUST be signed with ECDSA.
>
> RSA signed EC-key certs cannot be used for ECDHE_ECDSA cipher suites.
> That's the current implementation.
>
> However, the restrictions on the algorithm used to sign certificates are
> relaxed in TLS 1.2 [RFC 5246]. Certificate signature algorithms are no
> longer tied to cipher suites. But we have not removed the restrictions
> in our implementation yet.
>
> As this is a straightforward and simple fix, no new test case is planned.
>
> Thanks,
> Xuelei
>
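
The rule quoted above from RFC 4492 section 5.3 and its relaxation in TLS 1.2, sketched as a version-gated check; this is an added example, not code from the webrev or from JSSE. The class, enum and method names are hypothetical, and the peer's signature_algorithms extension is modelled as a set of JCA algorithm names, which is an assumption of this sketch.

```java
import java.util.Set;

// Added illustration only; all names here are hypothetical, not JSSE internals.
public class CertSigPolicy {
    enum Version { TLS10, TLS11, TLS12 }

    // Signature family RFC 4492 section 5.3 requires on the server
    // certificate for each ECC key exchange.
    static String rfc4492RequiredSig(String keyExchange) {
        switch (keyExchange) {
            case "ECDHE_ECDSA": case "ECDH_ECDSA": return "ECDSA";
            case "ECDHE_RSA":   case "ECDH_RSA":   return "RSA";
            default: throw new IllegalArgumentException("not an ECC key exchange: " + keyExchange);
        }
    }

    // certSigAlg uses the form X509Certificate.getSigAlgName() returns,
    // e.g. "SHA256withRSA". The public key type check (an ECDSA-capable key
    // for ECDHE_ECDSA) is separate and applies in every protocol version.
    static boolean certSignatureAcceptable(Version v, String keyExchange,
                                           String certSigAlg, Set<String> peerSigAlgs) {
        if (v == Version.TLS12) {
            // RFC 5246 section 7.4.2: the signature must be one the peer listed
            // in signature_algorithms; the cipher suite no longer decides.
            return peerSigAlgs.contains(certSigAlg);
        }
        // TLS 1.0/1.1: the certificate signature is tied to the key exchange.
        return certSigAlg.endsWith("with" + rfc4492RequiredSig(keyExchange));
    }

    public static void main(String[] args) {
        // Constructed sample values: an EC-key certificate signed by an RSA CA.
        String sig = "SHA256withRSA";
        Set<String> both = Set.of("SHA256withRSA", "SHA256withECDSA");
        Set<String> ecdsaOnly = Set.of("SHA256withECDSA");

        System.out.println("TLS 1.0, ECDHE_ECDSA: "
                + certSignatureAcceptable(Version.TLS10, "ECDHE_ECDSA", sig, both));
        System.out.println("TLS 1.2, peer offers RSA and ECDSA: "
                + certSignatureAcceptable(Version.TLS12, "ECDHE_ECDSA", sig, both));
        System.out.println("TLS 1.2, peer offers ECDSA only: "
                + certSignatureAcceptable(Version.TLS12, "ECDHE_ECDSA", sig, ecdsaOnly));
    }
}
```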


