Code Review Request: TLS 1.3 Implementation
Valerie Peng
valerie.peng at oracle.com
Mon Jun 11 22:44:49 UTC 2018
Hi Xuelei,
<sun/security/ssl/SSLConfiguration.java>
- If no child class intended, class may be made final.
- line 99-101 and 120-133: delete as the comments said so?
- I have some doubt on line 191 and 198, does "noSniExtension/Matcher"
means "no SNI Extension/Matcher"? If yes, it seems that the condition
should be
if (serverNames.isEmpty() || noSniExtension) {
- Essentially getEnabledExtensions(SSLHandshake, ProtocolVersion) is
almost same as getEnabledExtensions(SSLHandshake,
List<ProtocolVersion>. It looks possible to refactor the impl to
minimize code duplication. But this is no big deal.
Thanks,
Valerie
On 5/25/2018 4:45 PM, Xuelei Fan wrote:
> Hi,
>
> I'd like to invite you to review the TLS 1.3 implementation. I
> appreciate it if I could have compatibility and specification feedback
> before May 31, 2018, and implementation feedback before June 7, 2018.
>
> Here is the webrev:
> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>
> The formal TLS 1.3 specification is not finalized yet, although it had
> been approved to be a standard. The implementation is based on the
> draft version 28:
> https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>
> For the overall description of this enhancement, please refer to JEP 332:
> http://openjdk.java.net/jeps/332
>
> For the compatibility and specification update, please refer to CSR
> 8202625:
> https://bugs.openjdk.java.net/browse/JDK-8202625
>
> Note that we are using the sandbox for the development right now. For
> more information, please refer to Bradford's previous email:
>
> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
>
> Thanks & Regards,
> Xuelei
More information about the security-dev
mailing list