TLS ALPN Proposal v7

Bradford Wetmore bradford.wetmore at oracle.com
Thu Oct 8 17:32:25 UTC 2015


> On Sat, Oct 3, 2015 at 2:19 AM, Bradford Wetmore
> <bradford.wetmore at oracle.com> wrote:
>> Thanks for the comments everyone.  I'm submitting the following to the CCC
>> (internal review board):
>>
>>      http://cr.openjdk.java.net/~wetmore/8051498/webrev.17/
>>
>> Changes:
>>
>> 1.  No H2 Blacklist/Comparator
>>
>> 2.  set/getApplicationProtocols() back to SSLParameters.
>
> Have you implemented this solution already ?

It is underway.  The guts was already done based on previous API 
versions.  The new API is less involved, so it should be simpler to do 
as it's just cutting out the existing ciphersuite/ALPN selection stuff.

> Also for clients ?

Client/server are both externally(API)/internally essentially the same. 
  The big difference is that for clients you send all the values passed 
in, for servers you only consult the first which is the selected ALPN value.

> Do you have feedback on actually implementing ALPN in this way ?

Based on what I saw previously, it should be pretty straighforward.

Brad


More information about the security-dev mailing list