RFR [15] JDK-8242145, New System Properties to configure the TLS signature schemes
Xuelei Fan
xuelei.fan at oracle.com
Wed Apr 15 20:56:03 UTC 2020
On 4/15/2020 12:44 PM, Sean Mullan wrote:
> Should the CSR say what the default schemes are if the properties are
> not set?
I added the default value sections.
> Also, are the schemes case-insensitive?
Standard names are not case-sensitive, per the Standard Algorithm Names
Specification. I added notes in the CSR.
> Also, what is the
> behavior if there are syntax errors (ex: not using a comma) in the format?
>
It was stated that "Unrecognized or unsupported signature scheme names
specified in the property are ignored".
Thanks,
Xuelei
> --Sean
>
> On 4/14/20 11:42 PM, Xuelei Fan wrote:
>> ping ...
>>
>> On 4/3/2020 4:13 PM, Xuelei Fan wrote:
>>> Hi,
>>>
>>> Could I get the following update reviewed?
>>>
>>> Webrev: http://cr.openjdk.java.net/~xuelei/8242145/webrev.00/
>>>
>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8242141
>>> CSR: https://bugs.openjdk.java.net/browse/JDK-8242145
>>> Release-note: https://bugs.openjdk.java.net/browse/JDK-8242147
>>>
>>> A third party's TLS implementation may not be able to handle a
>>> certain signature schemes, and cannot interop with JDK. Although the
>>> implementation does not comply to TLS specifications, the impact
>>> could be significant if an application that uses the implementation
>>> is popular.
>>>
>>> Thanks,
>>> Xuelei
More information about the security-dev
mailing list