RFR 8072996: Deprecate stream-based GSSContext methods

Weijun Wang weijun.wang at oracle.com
Fri May 25 00:27:02 UTC 2018 

CSR and webrev updated.

   webrev: http://cr.openjdk.java.net/~weijun/8072996/webrev.01/
      CSR: https://bugs.openjdk.java.net/browse/JDK-8202953

Thanks
Max

> On May 25, 2018, at 1:06 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> For the new paragraph in GSSContext, I think you should quote RFC 8353 since you are taking the wording from that. You should also say "Java SE 11" instead of "JDK 11". So here is a possible re-wording:
> 
> The stream-based methods of {@code GSSContext} have been deprecated in Java SE 11. These methods have also been removed from <a href="http://tools.ietf.org/html/rfc8353">
> RFC 8353: Generic Security Service API Version 2: Java Bindings Update</a> for the following reasons (see section 11): "The overloaded methods of GSSContext that use input and output streams as the means to convey authentication and per-message GSS-API tokens as described in Section 5.15 of RFC 5653 [RFC5653] are removed in this update as the wire protocol should be defined by an application and not a library. It's also impossible to implement these methods correctly when the token has no self-framing (where the end cannot be determined), or the library has no knowledge of the token format (for example, as a bridge talking
> to another GSS library)". These methods include {@link #initSecContext(InputStream, OutputStream)}, {@link #acceptSecContext(InputStream, OutputStream)},
> {@link #wrap(InputStream, OutputStream, MessageProp)}, {@link #unwrap(InputStream, OutputStream, MessageProp)}, {@link #getMIC(InputStream, OutputStream, MessageProp)}, and {@link #verifyMIC(InputStream, InputStream, MessageProp)}.
> 
> I would probably also move this paragraph higher up in the class summary, before the example.
> 
> --Sean
> 
> On 5/24/18 2:12 AM, Weijun Wang wrote:
>> RFC 8353 has removed stream-based GSSContext methods [1]. Therefore we deprecate them in JDK. Please take a review at
>>    webrev: http://cr.openjdk.java.net/~weijun/8072996/webrev.00/
>>       CSR: https://bugs.openjdk.java.net/browse/JDK-8202953
>> Thanks
>> Max
>> [1] https://tools.ietf.org/html/rfc8353#section-11

More information about the security-dev mailing list