RFR JDK-8211806: TLS 1.3 handshake server name indication is missing on a session resume

Jamil Nimeh jamil.j.nimeh at oracle.com
Sat Oct 13 04:39:22 UTC 2018


Hello all,

This addresses an issue where the client hello in a resumed TLS 1.3 
session lacks the server_name client hello extension.  This can cause 
servers who use this extension field to direct traffic to websites to 
present other certificate chains for other websites than the one the 
client actually desires (and specified in the original client hello 
where the extension is present).

JBS: https://bugs.openjdk.java.net/browse/JDK-8211806

Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8211806/

Happy Friday!

--Jamil
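
The condition described in this message can be checked on the wire. The following is an added example, not part of the original message or of the JDK change: it parses a ClientHello handshake message and flags one that offers `pre_shared_key` (extension 41, sent when resuming) without `server_name` (extension 0). The function names, the result strings and the sample bytes are constructed for illustration.

```python
import struct
EXT_SERVER_NAME = 0      # server_name (RFC 6066)
EXT_PRE_SHARED_KEY = 41  # pre_shared_key (RFC 8446), offered when resuming

def client_hello_extensions(msg):  # handshake message bytes -> {ext_type: body}
    if len(msg) < 4 or msg[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    try:
        pos = 2 + 32                                       # legacy_version, random
        pos += 1 + body[pos]                               # legacy_session_id
        pos += 2 + struct.unpack_from("!H", body, pos)[0]  # cipher_suites
        pos += 1 + body[pos]                               # compression methods
        end = pos + 2 + struct.unpack_from("!H", body, pos)[0]
        pos, exts = pos + 2, {}
        while pos < end:
            etype, elen = struct.unpack_from("!HH", body, pos)
            exts[etype] = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    if pos != end or end != len(body):
        raise ValueError("malformed extensions block")
    return exts

def sni_host(ext_body):  # first host_name (name_type 0) in a ServerNameList
    pos = 2                                                # skip list length
    while pos + 3 <= len(ext_body):
        ntype, nlen = struct.unpack_from("!BH", ext_body, pos)
        if ntype == 0:
            return ext_body[pos + 3:pos + 3 + nlen].decode("ascii", "replace")
        pos += 3 + nlen
    return None

def check_hello(msg, expected_host):
    exts = client_hello_extensions(msg)
    host = sni_host(exts.get(EXT_SERVER_NAME, b""))
    if host is None:
        return "resumption-without-sni" if EXT_PRE_SHARED_KEY in exts else "no-sni"
    return "ok" if host == expected_host else "sni-mismatch"

def build_hello(extensions):  # constructed minimal hello, not a real capture
    ext = b"".join(struct.pack("!HH", t, len(b)) + b for t, b in extensions)
    hdr = b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
    body = hdr + struct.pack("!H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

NAME = b"www.example.com"  # constructed host name
SNI = struct.pack("!HBH", len(NAME) + 3, 0, len(NAME)) + NAME
RESUMED = build_hello([(EXT_PRE_SHARED_KEY, bytes(8))])  # placeholder PSK body, no SNI
```

`check_hello(RESUMED, "www.example.com")` reports the resumed hello as lacking SNI; feeding it the handshake bytes of a client's second connection gives a regression check for this behaviour.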



