RFR[12] JDK-8210632: Add key exchange algorithm to javax/net/ssl/TLSCommon/CipherSuite.java

Xuelei Fan xuelei.fan at oracle.com
Tue Oct 16 15:20:15 UTC 2018


Looks fine to me.

There is another potential improvement to divide the ECDHE_RSA, and 
other KeyExAlgorithms, into two parts, the key exchange algorithm 
(ECDHE), certificate key algorithm (EC) and the optional certificate 
signature algorithms (RSA).

Thanks,
Xuelei

On 10/16/2018 1:08 AM, sha.jiang at oracle.com wrote:
> Ping...
> 
> On 2018/10/10 11:25, sha.jiang at oracle.com wrote:
>> Hi,
>> It would be better that javax/net/ssl/TLSCommon/CipherSuite.java has 
>> an attribute on key exchange algorithm.
>> This attribute could be used on selecting appropriate certificates by 
>> some tests.
>>
>> Issue: https://bugs.openjdk.java.net/browse/JDK-8210632
>> Webrev: http://cr.openjdk.java.net/~jjiang/8210632/webrev.00/
>>
>> Best regards,
>> John Jiang
>>
>>
> 



More information about the security-dev mailing list