CSR Review Request, JDK-8213577, Update the default SSL session cache size to 20480
Xuelei Fan
xuelei.fan at oracle.com
Fri Nov 9 18:13:25 UTC 2018
On 11/9/2018 9:34 AM, Jamil Nimeh wrote:
> Hi Xuelei,
>
> Content looks good. I'd remove specific references to Amazon from the
> CSR (it's fine to leave it in the source bug though).
Removed.
> Where'd you get
> the 20480 session cache limit from? I saw a similar limit using the
> builtin SSL session cache from NGINX, is that where that number comes
> from? Or is that common to other TLS library or webserver cache sizes?
>
The number is coming from what NGINX is using. In the bug description,
it is said 10K could be a good one. However, the number is really
depends on the platform resources. I'd like to use a bigger one so that
the performance impact of the existing applications is as minimal as
possible.
Thanks,
Xuelei
> --Jamil
>
> On 11/8/2018 8:00 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the proposal to update the default SSL session cache
>> size from infinite to 20480.
>> https://bugs.openjdk.java.net/browse/JDK-8213577
>>
>> I know that the default 20480 does not fit all. I'd appreciate your
>> feedback if the value is acceptable.
>>
>> Thanks,
>> Xuelei
>
More information about the security-dev
mailing list