Status of JDK-8207031

Jeroen Cranendonk j.p.cranendonk at gmail.com
Wed Feb 27 17:09:39 UTC 2019


Hi!

Thanks for the reply :)

To add comments on the JIRA one needs to be at least an OpenJDK
Contributor I think, which I am not (and which would involve signing
the Oracle Contributor Agreement).
So the mailing list is my only way of communication on the issue I
think, feel free to correct me if I am wrong :)

I think/hope that over the next two weeks we can do an in depth
analysis of the problem, I will know better how high the prio is for
us then.
Right now I'm not sure yet if this is limited to certain
ciphers/protocols, if it's only client,server, or both, and there
might be a new pkcs11 dll which we can use which may or may not
support the CKM_SSL3_PRE_MASTER_KEY_GEN mechanism, which would be a
work around.

I take it you don't know the details of the internal debate? Was it
more whether to fix this, or on which approach to take?

Cheers!

Jeroen Cranendonk
     Java Developer

On 26/02/2019 23:19, Valerie Peng wrote:
> I recall that there was some debate with the fix internally. So, maybe 
> more polishing is needed. Just my guess.
>
> If it's really critical to you, maybe you should add a comment to the 
> bug record. Currently, it's just a P4 bug which may not get much 
> cycles depending on the RE's cycles as well as the complexity of the fix.
>
> Valerie
>
> On 2/24/2019 11:09 PM, Jeroen Cranendonk wrote:
>> Sorry to bump my own mail, but is there anyone who could possibly 
>> have a look at this? :)
>>
>> I've got a feeling everyone is hoping someone else will :)
>>
>> Cheers!
>>
>>
>> On 11/02/2019 11:43, Jeroen Cranendonk wrote:
>>> Hi!
>>>
>>> I'm wondering what the status is on the issue: 
>>> https://bugs.openjdk.java.net/browse/JDK-8207031
>>>
>>> I saw a request for review:
>>> https://mail.openjdk.java.net/pipermail/security-dev/2018-July/017581.html 
>>>
>>> But I don't think that's been followed up on?
>>>
>>> We are looking to switch to Java 11, and this is becoming one of the 
>>> biggest blockers to us :)
>>>
>>> Cheers!
>>>
>>> --000000000000ea0d4005819bf889--) 


More information about the security-dev mailing list