Align SSLSocket and SSLEngine Javadocs
Simone Bordet
simone.bordet at gmail.com
Mon Aug 27 09:37:41 UTC 2018
Hi,
SSLSocket.startHandshake() and SSLEngine.beginHandshake() are similar
in that they start the TLS handshake, but they can also be used after
the TLS handshake.
SSLSocket.startHandshake() Javadoc seems to be more generic,
describing that the method may not only start a new handshake but also
be used to update encryption keys etc.
Especially in light of TLS 1.3 where renegotiation is forbidden, I
would like the Javadoc of these method to align and describe exactly
when they do with respect to the TLS protocol version.
Thanks!
--
Simone Bordet
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless. Victoria Livschitz
More information about the security-dev
mailing list