RFR 8072996: Deprecate stream-based GSSContext methods
Sean Mullan
sean.mullan at oracle.com
Thu May 24 17:06:50 UTC 2018
For the new paragraph in GSSContext, I think you should quote RFC 8353
since you are taking the wording from that. You should also say "Java SE
11" instead of "JDK 11". So here is a possible re-wording:
The stream-based methods of {@code GSSContext} have been deprecated in
Java SE 11. These methods have also been removed from <a
href="http://tools.ietf.org/html/rfc8353">
RFC 8353: Generic Security Service API Version 2: Java Bindings
Update</a> for the following reasons (see section 11): "The overloaded
methods of GSSContext that use input and output streams as the means to
convey authentication and per-message GSS-API tokens as described in
Section 5.15 of RFC 5653 [RFC5653] are removed in this update as the
wire protocol should be defined by an application and not a library.
It's also impossible to implement these methods correctly when the token
has no self-framing (where the end cannot be determined), or the library
has no knowledge of the token format (for example, as a bridge talking
to another GSS library)". These methods include {@link
#initSecContext(InputStream, OutputStream)}, {@link
#acceptSecContext(InputStream, OutputStream)},
{@link #wrap(InputStream, OutputStream, MessageProp)}, {@link
#unwrap(InputStream, OutputStream, MessageProp)}, {@link
#getMIC(InputStream, OutputStream, MessageProp)}, and {@link
#verifyMIC(InputStream, InputStream, MessageProp)}.
I would probably also move this paragraph higher up in the class
summary, before the example.
--Sean
On 5/24/18 2:12 AM, Weijun Wang wrote:
> RFC 8353 has removed stream-based GSSContext methods [1]. Therefore we deprecate them in JDK. Please take a review at
>
> webrev: http://cr.openjdk.java.net/~weijun/8072996/webrev.00/
> CSR: https://bugs.openjdk.java.net/browse/JDK-8202953
>
> Thanks
> Max
>
> [1] https://tools.ietf.org/html/rfc8353#section-11
>
More information about the security-dev
mailing list