Code Review Request: TLS 1.3 Implementation
Xuelei Fan
xuelei.fan at oracle.com
Fri Jun 15 21:10:36 UTC 2018
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/125890684a60
Supports supported_versions extension for TLS 1.2 and prior versions.
Xuelei
On 6/15/2018 7:56 AM, Xuelei Fan wrote:
> SSLExtension.java
> -----------------
> The "supported_versions" can be used in TLS 1.2 ClientHello, per the
> specification:
>
> Implementations of TLS 1.3 which choose to support prior
> versions of TLS SHOULD support TLS 1.2. Servers MUST be prepared to
> receive ClientHellos that include this extension but do not include
> 0x0304 in the list of versions.
>
> Although, the extension cannot be use in ServerHello for TLS 1.2 and
> prior versions:
>
> A server which negotiates a version of TLS prior to TLS 1.3 MUST set
> ServerHello.version and MUST NOT send the "supported_versions"
> extension.
>
> Xuelei
>
> On 6/8/2018 10:21 AM, Xuelei Fan wrote:
>> Here is the 3rd full webrev:
>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02
>>
>> and the delta update to the 1st webrev:
>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01
>>
>> Xuelei
>>
>> On 6/3/2018 9:43 PM, Xuelei Fan wrote:
>>> Hi,
>>>
>>> Here it the 2nd full webrev:
>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01
>>>
>>> and the delta update to the 1st webrev:
>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/
>>>
>>> Xuelei
>>>
>>> On 5/25/2018 4:45 PM, Xuelei Fan wrote:
>>>> Hi,
>>>>
>>>> I'd like to invite you to review the TLS 1.3 implementation. I
>>>> appreciate it if I could have compatibility and specification
>>>> feedback before May 31, 2018, and implementation feedback before
>>>> June 7, 2018.
>>>>
>>>> Here is the webrev:
>>>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>>>>
>>>> The formal TLS 1.3 specification is not finalized yet, although it
>>>> had been approved to be a standard. The implementation is basedon
>>>> the draft version 28:
>>>> https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>>>>
>>>> For the overall description of this enhancement, please refer to JEP
>>>> 332:
>>>> http://openjdk.java.net/jeps/332
>>>>
>>>> For the compatibility and specification update, please refer to CSR
>>>> 8202625:
>>>> https://bugs.openjdk.java.net/browse/JDK-8202625
>>>>
>>>> Note that we are using the sandbox for the development right now.
>>>> For more information, please refer to Bradford's previous email:
>>>>
>>>> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
>>>>
>>>>
>>>> Thanks & Regards,
>>>> Xuelei
More information about the security-dev
mailing list