Code Review Request JDK-8046294 Generate the 4-byte timestamp randomly
Wang Weijun
weijun.wang at oracle.com
Mon May 23 06:26:48 UTC 2016
Code change looks good.
Thanks
Max
> On May 23, 2016, at 11:36 AM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>
> Hi,
>
> Please review the update of SunJSSE provider in JDK 9:
>
> http://cr.openjdk.java.net/~xuelei/8046294/webrev/
>
> In TLS 1.2 and previous protocols, the client and server random value
> are defined as:
>
> struct {
> uint32 gmt_unix_time;
> opaque random_bytes[28];
> } Random;
>
> NIST SP 800-52 is suggesting to replace gmt_unix_time with random
> values. In TLS 1.3, the value will be updated to:
>
> struct {
> opaque random_bytes[32];
> } Random;
>
> The 4-byte timestamp will not be used any more.
>
> Per the NIST recommendation, this update will replace timestamp with
> random values. Considering the coming update of TLS 1.3, the
> compatibility impact should be minimal.
>
> Thanks,
> Xuelei
More information about the security-dev
mailing list