RFR: 8245527: LDAP Channel Binding support for Java GSS/Kerberos [v2]
Neustradamus
duke at openjdk.org
Mon Aug 1 22:29:46 UTC 2022
On Tue, 22 Sep 2020 20:19:21 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
>> Hi,
>>
>> Plaese review JDK-8245527 fix which implements LDAP Channel Binding support for Java GSS/Kerberos.
>> Initial review is available at core-devs: https://mail.openjdk.java.net/pipermail/core-libs-dev/2020-August/068197.html
>> This version removes "tls-unique" CB type from the list of possible channel binding types. The only supported type is "tls-server-end-point"
>>
>> CSR is also updated : https://bugs.openjdk.java.net/browse/JDK-8247311
>>
>> Thank you
>> Alexey
>
> Alexey Bakhtin has updated the pull request incrementally with one additional commit since the last revision:
>
> 8245527: version.01
@alexeybakhtin: It is official for TLS 1.3 Binding!
- RFC 9266: Channel Bindings for TLS 1.3: https://tools.ietf.org/html/rfc9266
Details:
- tls-unique for TLS =< 1.2
- tls-exporter for TLS = 1.3
Can you look to add it?
Thanks in advance.
-------------
PR: https://git.openjdk.org/jdk/pull/278
More information about the security-dev
mailing list