RFR [15] JDK-8242145, New System Properties to configure the TLS signature schemes
Jamil Nimeh
jamil.j.nimeh at oracle.com
Wed Apr 15 05:03:45 UTC 2020
Looks pretty good, a couple questions/comments:
* SSLConfiguration.java
o Line 471-473: Does the call to SignatureScheme.nameOf(String)
ever throw IAE? I don't see anything in the for-each loop in
that method that would.
* CustomizedClientSchemes and CustomizedServerSchemes
o Line 44 (both): Just a nit, but the comment looks like it was
lifted from a different test and should be changed to reflect
that your forcing a single signature scheme.
--Jamil
On 4/14/2020 8:42 PM, Xuelei Fan wrote:
> ping ...
>
> On 4/3/2020 4:13 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Could I get the following update reviewed?
>>
>> Webrev: http://cr.openjdk.java.net/~xuelei/8242145/webrev.00/
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8242141
>> CSR: https://bugs.openjdk.java.net/browse/JDK-8242145
>> Release-note: https://bugs.openjdk.java.net/browse/JDK-8242147
>>
>> A third party's TLS implementation may not be able to handle a
>> certain signature schemes, and cannot interop with JDK. Although the
>> implementation does not comply to TLS specifications, the impact
>> could be significant if an application that uses the implementation
>> is popular.
>>
>> Thanks,
>> Xuelei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200414/692d4419/attachment.htm>
More information about the security-dev
mailing list