CSR Review Request, JDK-8213577, Update the default SSL session cache size to 20480

Xuelei Fan xuelei.fan at oracle.com
Fri Nov 9 18:13:25 UTC 2018


On 11/9/2018 9:34 AM, Jamil Nimeh wrote:
> Hi Xuelei,
> 
> Content looks good.  I'd remove specific references to Amazon from the 
> CSR (it's fine to leave it in the source bug though).
Removed.

> Where'd you get 
> the 20480 session cache limit from?  I saw a similar limit using the 
> builtin SSL session cache from NGINX, is that where that number comes 
> from?  Or is that common to other TLS library or webserver cache sizes?
> 
The number is coming from what NGINX is using.  In the bug description, 
it is said 10K could be a good one.  However, the number is really 
depends on the platform resources.  I'd like to use a bigger one so that 
the performance impact of the existing applications is as minimal as 
possible.

Thanks,
Xuelei

> --Jamil
> 
> On 11/8/2018 8:00 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the proposal to update the default SSL session cache 
>> size from infinite to 20480.
>>   https://bugs.openjdk.java.net/browse/JDK-8213577
>>
>> I know that the default 20480 does not fit all.  I'd appreciate your 
>> feedback if the value is acceptable.
>>
>> Thanks,
>> Xuelei
> 



More information about the security-dev mailing list