RFR: 8270344: Session resumption errors [v3]

Sean Coffey coffeys at openjdk.java.net
Thu Aug 19 11:30:54 UTC 2021


> Corner case where a session resumption can fail if the TLS server changes supported protocol versions in relation to a cached SSLSession. This is primarily an issue where the legacy TLS version is used in place of the newer "supported_versions" TLS extension.

Sean Coffey has updated the pull request incrementally with one additional commit since the last revision:

  Remove whitespace in test

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/5110/files
  - new: https://git.openjdk.java.net/jdk/pull/5110/files/0a24d520..86ae055f

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=01-02

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.java.net/jdk/pull/5110.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/5110/head:pull/5110

PR: https://git.openjdk.java.net/jdk/pull/5110


More information about the security-dev mailing list