Status of JDK-8207031

Jeroen Cranendonk j.p.cranendonk at
Wed Feb 27 17:09:39 UTC 2019


Thanks for the reply :)

To add comments on the JIRA one needs to be at least an OpenJDK
Contributor I think, which I am not (and which would involve signing
the Oracle Contributor Agreement).
So the mailing list is my only way of communication on the issue I
think, feel free to correct me if I am wrong :)

I think/hope that over the next two weeks we can do an in depth
analysis of the problem, I will know better how high the prio is for
us then.
Right now I'm not sure yet if this is limited to certain
ciphers/protocols, if it's only client,server, or both, and there
might be a new pkcs11 dll which we can use which may or may not
support the CKM_SSL3_PRE_MASTER_KEY_GEN mechanism, which would be a
work around.

I take it you don't know the details of the internal debate? Was it
more whether to fix this, or on which approach to take?


Jeroen Cranendonk
     Java Developer

On 26/02/2019 23:19, Valerie Peng wrote:
> I recall that there was some debate with the fix internally. So, maybe 
> more polishing is needed. Just my guess.
> If it's really critical to you, maybe you should add a comment to the 
> bug record. Currently, it's just a P4 bug which may not get much 
> cycles depending on the RE's cycles as well as the complexity of the fix.
> Valerie
> On 2/24/2019 11:09 PM, Jeroen Cranendonk wrote:
>> Sorry to bump my own mail, but is there anyone who could possibly 
>> have a look at this? :)
>> I've got a feeling everyone is hoping someone else will :)
>> Cheers!
>> On 11/02/2019 11:43, Jeroen Cranendonk wrote:
>>> Hi!
>>> I'm wondering what the status is on the issue: 
>>> I saw a request for review:
>>> But I don't think that's been followed up on?
>>> We are looking to switch to Java 11, and this is becoming one of the 
>>> biggest blockers to us :)
>>> Cheers!
>>> --000000000000ea0d4005819bf889--) 

More information about the security-dev mailing list