CSR Review: 8208641: SSLSocket should throw an exception when configuring DTLS

Anthony Scarpino anthony.scarpino at oracle.com
Tue Aug 7 23:14:20 UTC 2018


Hi Xuelei,

I have updated the csr and I believe I have addressed your comments.

thanks

Tony

On 08/07/2018 01:43 PM, Xuelei Fan wrote:
> Hi Tony,
> 
> Would you mind make it clear that this impact the JDK JSSE provider 
> only?  Third party's provider may be able to support DTLS with SSLSocket.
> 
> I think there may be no specification change.  The 
> SSLContext.getServerSocketFactory() and SSLContext.getSocketFactory() 
> defines the spec if the algorithm is not supported by the underlying 
> provider, "UnsupportedOperationException - if the underlying provider 
> does not implement the operation.".  I may prefer to make it clear that 
> this is just a behavior change of the JDK JSSE provider (SunJSSE).  The 
> SunJSSE provider now throws UnsupportedOperationException for creating 
> SSL(Server)SocketFactory with DTLS SSLContext, because it does not 
> actually support DTLS SSLSocket.
> 
> In Solution section, "Throwing a UnsupportedOperationException when 
> getting a socket from the SSLServerSocketFactory or SSLSocketFactory for 
> DTLS."   I guess you meant, throwing a UOE when calling 
> SSLContext.getServerSocketFactory() and SSLContext.getSocketFactory()?
> 
> Thanks,
> Xuelei
> 
> On 8/7/2018 12:17 PM, Anthony Scarpino wrote:
>> I need a review of a CSR for SSLSocket should throw an exception when 
>> configuring DTLS.  We are targeting this for 12 right now.
>>
>> https://bugs.openjdk.java.net/browse/JDK-8209031
>>
>> thanks
>>
>> Tony
>>




More information about the security-dev mailing list