Code Review Request: JDK-6491070 (Support for RFC 5929-Channel Bindings)

Martin Balao mbalao at redhat.com
Mon Jul 31 15:53:13 UTC 2017


Hi,

Here it is an update for the proposed TLS Channel Bindings support in
OpenJDK:

 *
http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-6491070/webrev.02/
(browse online)
 *
http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-6491070/webrev.02/6491070.webrev.02.zip
(download)

Changes since v01:

 * getTlsChannelBinding API changed to return null by default (if not
implemented), instead of throwing an UnsupportedOperationException.

 * "tls-server-end-point" TLS channel binding now supported.

Kind regards,
Martin.-

On Wed, Jul 26, 2017 at 4:12 PM, Martin Balao <mbalao at redhat.com> wrote:

> Hi,
>
> Here it is my proposal for JDK-6491070 (Support for RFC 5929-Channel
> Bindings: e.g. public API to obtain TLS finished message) [1]:
>
>  * http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-
> 6491070/webrev.01/
>  * http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-
> 6491070/webrev.01/6491070.webrev.01.zip
>
> Notes:
>
>  * Implementation based on Channel Bindings for TLS (RFC 5929) [2]
>
>  * Only "tls-unique" currently supported
>
> Look forward to your comments.
>
> Kind regards,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-6491070
> [2] - https://tools.ietf.org/html/rfc5929
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20170731/8fb2d3d1/attachment.html>


More information about the security-dev mailing list