[Internet]Re: JEP Review Request: TLS Certificate Compression
xueleifan(XueleiFan)
xueleifan at tencent.com
Wed Apr 13 21:47:39 UTC 2022
Hi Daniel,
Actually, I’m considering the improvement, by using cached compressed certificates, for the implementation. The solution is not straightforward yet to me. But it is a direction I will consider seriously.
Thanks,
Xuelei
> On Apr 13, 2022, at 1:01 PM, Daniel Jeliński <djelinski1 at gmail.com> wrote:
>
> I like the idea of implementing certificate compression. Only one
> concern: TLS handshakes are generally a CPU-intensive operation, and
> certificate compression / decompression will only make it worse. Will
> it be possible to compress a certificate once and use it across
> multiple handshakes? Decompression has to be performed every time,
> obviously.
>
> Regards,
> Daniel
>
> pon., 21 mar 2022 o 16:49 xueleifan(XueleiFan) <xueleifan at tencent.com>
> napisał(a):
>>
>> Hi,
>>
>>
>> The JDK Enhancement Proposal, TLS Certificate Compression, has been opened for community review. Detailed, please refer to the draft:
>>
>> https://bugs.openjdk.java.net/browse/JDK-8281710
>>
>> and the discussion of this potential feature at security-dev:
>>
>> https://mail.openjdk.java.net/pipermail/security-dev/2022-March/029242.html
>>
>>
>> Please feel free to make comments and review the JEP.
>>
>> Thanks,
>> Xuelei
>
More information about the security-dev
mailing list