Code Review Request, 8136442 Don't tie Certificate signature algorithms to ciphersuites

Xuelei Fan xuelei.fan at oracle.com
Mon Nov 30 16:13:29 UTC 2015


On 11/30/2015 8:45 PM, Sean Mullan wrote:
> You should change the comment above the calls to setupPrivateKeyAndChain
> as it still reflects the previous behavior.
Oops, forgot to update the comment.

Updated:
   http://cr.openjdk.java.net/~xuelei/8136442/webrev.01/

> Also, should this change only be applicable to TLS 1.2?
>
TLS 1.2 updates the spec (RFC 4279). The update can be applied to TLS
1.0 and 1.1, too.

Thanks,
Xuelei


> --Sean
> 
> On 11/29/2015 08:55 AM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the fix for JDK-8136442:
>>
>>     http://cr.openjdk.java.net/~xuelei/8136442/webrev.00/
>>
>> This update is proposing to remove the certificate signature algorithms
>> restrictions on cipher suites.
>>
>> Per TLS ECC spec [section 5.3, RFC 4492],
>>
>>     ECDHE_ECDSA Certificate MUST contain an ECDSA-capable public key.
>>                 It MUST be signed with ECDSA.
>>
>> RSA signed EC-key certs cannot be used for ECDHE_ECDSA cipher suites.
>> That's the current implementation.
>>
>> However, the restrictions on the algorithm used to sign certificates are
>> relaxed in TLS 1.2 [RFC 5246]. Certificate signature algorithms are no
>> longer tied to cipher suites. But we have not removed the restrictions
>> in our implementation yet.
>>
>> As this is a straightforward and simple fix, no new test case is planned.
>>
>> Thanks,
>> Xuelei
>>
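
The rule change discussed in this thread, as an added example that is not the JDK's code or the patch under review. The `Cert` record, method names and sample values are hypothetical; it assumes the relaxed check compares the certificate's signature algorithm against the peer's TLS 1.2 `signature_algorithms` list instead of against the cipher suite.

```java
import java.util.List;
import java.util.Set;

public class CertSuiteCheck {
    // Constructed stand-in for the two values a real check would read from
    // X509Certificate: getPublicKey().getAlgorithm() and getSigAlgName().
    record Cert(String keyAlg, String sigAlg) {}

    // Old rule for ECDHE_ECDSA (RFC 4492, section 5.3): the certificate
    // must carry an EC key AND must itself be signed with ECDSA.
    static boolean usableOldRule(Cert c) {
        return c.keyAlg().equals("EC") && c.sigAlg().endsWith("withECDSA");
    }

    // Relaxed rule (RFC 5246): the suite constrains only the key type.
    // The signature on the certificate is checked against the algorithms
    // the peer advertised, not against the suite name.
    static boolean usableRelaxedRule(Cert c, Set<String> peerSigAlgs) {
        return c.keyAlg().equals("EC") && peerSigAlgs.contains(c.sigAlg());
    }

    public static void main(String[] args) {
        // Constructed sample certificates.
        List<Cert> certs = List.of(
            new Cert("EC", "SHA256withECDSA"),
            new Cert("EC", "SHA256withRSA"),    // RSA-signed EC-key cert
            new Cert("RSA", "SHA256withRSA"));  // wrong key type for the suite

        // Constructed peer offer (hypothetical signature_algorithms content).
        Set<String> peer = Set.of("SHA256withRSA", "SHA256withECDSA");

        for (Cert c : certs) {
            System.out.printf("key=%-3s sig=%-15s old=%-5b relaxed=%b%n",
                c.keyAlg(), c.sigAlg(),
                usableOldRule(c), usableRelaxedRule(c, peer));
        }
    }
}
```

Only the RSA-signed EC-key certificate changes outcome between the two rules: rejected under the old check, accepted under the relaxed one as long as the peer lists its signature algorithm.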



