KRB5 (was Re: Code Review Request: TLS 1.3 Implementation)

Weijun Wang weijun.wang at oracle.com
Thu Jun 7 08:45:22 UTC 2018


And there are the Kerberos word in public APIs:

share/classes/javax/net/ssl/SSLContext.java
336:     * Some cipher suites (such as Kerberos) require remote hostname
366:     * Some cipher suites (such as Kerberos) require remote hostname

share/classes/javax/net/ssl/HttpsURLConnection.java
106:     * such as Kerberos, will throw an SSLPeerUnverifiedException.
130:     * such as Kerberos.
134:     * KerberosPrincipal for Kerberos cipher suites.
158:     * return null for non-certificate based ciphersuites, such as Kerberos.
162:     * KerberosPrincipal for Kerberos cipher suites. If no principal was

share/classes/javax/net/ssl/SSLContextSpi.java
90:     * Some cipher suites (such as Kerberos) require remote hostname
110:     * Some cipher suites (such as Kerberos) require remote hostname

share/classes/javax/net/ssl/SSLEngine.java
395:     * Some cipher suites (such as Kerberos) require remote hostname
397:     * constructor to use Kerberos.

share/classes/javax/net/ssl/SSLSession.java
221:     * such as Kerberos, will throw an SSLPeerUnverifiedException.
264:     * such as Kerberos, will throw an SSLPeerUnverifiedException.
295:     * KerberosPrincipal for Kerberos cipher suites.
313:     * KerberosPrincipal for Kerberos cipher suites. If no principal was

share/classes/javax/net/ssl/HandshakeCompletedEvent.java
122:     * such as Kerberos, will throw an SSLPeerUnverifiedException.
145:     * such as Kerberos, will throw an SSLPeerUnverifiedException.
178:     * KerberosPrincipal for Kerberos cipher suites.
208:     * KerberosPrincipal for Kerberos cipher suites. If no principal was

--Max

> On Jun 7, 2018, at 4:31 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
> 
> I still see K_KRB5 KeyExchange and TLS_KRB5_WITH_3DES_EDE_CBC_SHA etc in CipherSuite.java. Shall I also remove them.
> 
> Thanks
> Max
> 



More information about the security-dev mailing list