about JDK-8186628

Ivan Gerasimov ivan.gerasimov at oracle.com
Fri Apr 20 16:22:23 UTC 2018


Hello Nezih!

This issue is still being discussed off-list.
There have been two approaches proposed so far:  1) improve the session 
cache and 2) provide an option to turn the cache off completely.

The former one is good by itself, so I filed an enhancement request [1] 
with a link to proposal made by Peter Levart [2].
However, as this is an enhancement, it seems unlikely it's going to be 
backported to earlier releases of JDK.

With kind regards,
Ivan

[1] https://bugs.openjdk.java.net/browse/JDK-8202086
[2] 
http://mail.openjdk.java.net/pipermail/security-dev/2017-November/016512.html 


On 4/18/18 9:32 PM, nezih yigitbasi wrote:
> Hi,
> We are hitting the scalability problem of the SSL session cache in 
> production that JDK-8186628 is addressing.
> I see that JDK-8186628 has not been updated since Nov'17, so I just 
> wanted to get information about what the current plans are regarding 
> that issue.
>
> Thanks,
> Nezih

-- 
With kind regards,
Ivan Gerasimov

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20180420/15b68fba/attachment.html>


More information about the security-dev mailing list