RFR [15] JDK-8242145, New System Properties to configure the TLS signature schemes
Xuelei Fan
xuelei.fan at oracle.com
Wed Apr 15 16:41:30 UTC 2020
All good catches. The webrev was updated accordingly:
Webrev: http://cr.openjdk.java.net/~xuelei/8242145/webrev.00/
Xuelei
On 4/14/2020 10:03 PM, Jamil Nimeh wrote:
> Looks pretty good, a couple questions/comments:
>
> * SSLConfiguration.java
> o Line 471-473: Does the call to SignatureScheme.nameOf(String)
> ever throw IAE? I don't see anything in the for-each loop in
> that method that would.
> * CustomizedClientSchemes and CustomizedServerSchemes
> o Line 44 (both): Just a nit, but the comment looks like it was
> lifted from a different test and should be changed to reflect
> that your forcing a single signature scheme.
>
> --Jamil
>
> On 4/14/2020 8:42 PM, Xuelei Fan wrote:
>> ping ...
>>
>> On 4/3/2020 4:13 PM, Xuelei Fan wrote:
>>> Hi,
>>>
>>> Could I get the following update reviewed?
>>>
>>> Webrev: http://cr.openjdk.java.net/~xuelei/8242145/webrev.00/
>>>
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8242141
>>> CSR: https://bugs.openjdk.java.net/browse/JDK-8242145
>>> Release-note: https://bugs.openjdk.java.net/browse/JDK-8242147
>>>
>>> A third party's TLS implementation may not be able to handle a
>>> certain signature schemes, and cannot interop with JDK. Although the
>>> implementation does not comply to TLS specifications, the impact
>>> could be significant if an application that uses the implementation
>>> is popular.
>>>
>>> Thanks,
>>> Xuelei
More information about the security-dev
mailing list