TLS ALPN Proposal v7
Bradford Wetmore
bradford.wetmore at oracle.com
Thu Oct 8 17:32:25 UTC 2015
> On Sat, Oct 3, 2015 at 2:19 AM, Bradford Wetmore
> <bradford.wetmore at oracle.com> wrote:
>> Thanks for the comments everyone. I'm submitting the following to the CCC
>> (internal review board):
>>
>> http://cr.openjdk.java.net/~wetmore/8051498/webrev.17/
>>
>> Changes:
>>
>> 1. No H2 Blacklist/Comparator
>>
>> 2. set/getApplicationProtocols() back to SSLParameters.
>
> Have you implemented this solution already ?
It is underway. The guts was already done based on previous API
versions. The new API is less involved, so it should be simpler to do
as it's just cutting out the existing ciphersuite/ALPN selection stuff.
> Also for clients ?
Client/server are both externally(API)/internally essentially the same.
The big difference is that for clients you send all the values passed
in, for servers you only consult the first which is the selected ALPN value.
> Do you have feedback on actually implementing ALPN in this way ?
Based on what I saw previously, it should be pretty straighforward.
Brad
More information about the security-dev
mailing list