Code Review Request: TLS 1.3 Implementation
Xuelei Fan
xuelei.fan at oracle.com
Tue Jun 19 00:01:41 UTC 2018
On 6/18/2018 12:28 PM, Valerie Peng wrote:
> Hi Xuelei,
>
> <src/java.base/share/classes/sun/security/ssl/CertSignAlgsExtension.java>
> Looks fine.
> <src/java.base/share/classes/sun/security/ssl/ExtendedMasterSecretExtension.java>
> -line 39, I didn't find info on extended master secret extension in RFC
> 5746? It looks like the original comment which refers to RFC7627
> "Transport Layer Security (TLS) Session Hash anf Extended Master Secret
> Extension" matches better.
>
Yes, RFC 7627 should be used instead.
> <src/java.base/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java>
> Looks fine.
>
Thanks!
Xuelei
> Valerie
>
> **
> On 5/25/2018 4:45 PM, Xuelei Fan wrote:
>> Hi,
>>
>> I'd like to invite you to review the TLS 1.3 implementation. I
>> appreciate it if I could have compatibility and specification feedback
>> before May 31, 2018, and implementation feedback before June 7, 2018.
>>
>> Here is the webrev:
>> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
>>
>> The formal TLS 1.3 specification is not finalized yet, although it had
>> been approved to be a standard. The implementation is based on the
>> draft version 28:
>> https://tools.ietf.org/html/draft-ietf-tls-tls13-28
>>
>> For the overall description of this enhancement, please refer to JEP 332:
>> http://openjdk.java.net/jeps/332
>>
>> For the compatibility and specification update, please refer to CSR
>> 8202625:
>> https://bugs.openjdk.java.net/browse/JDK-8202625
>>
>> Note that we are using the sandbox for the development right now. For
>> more information, please refer to Bradford's previous email:
>>
>> http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
>>
>> Thanks & Regards,
>> Xuelei
>
More information about the security-dev
mailing list