[Internet]Re: Re: JEP Review Request: TLS Certificate Compression
Sean Mullan
sean.mullan at oracle.com
Wed Jul 6 18:40:33 UTC 2022
I haven't had time to look at this in detail yet. I would like a couple
more weeks to review the draft.
Thanks,
Sean
On 7/6/22 10:36 AM, xueleifan(XueleiFan) wrote:
>
>>>> https://bugs.openjdk.java.net/browse/JDK-8281710
>
> Could I get the JEP reviewed by adding his/her name to the “Reviewed By” filed in JBS so that we can move forward? Please let me know if you have concerns.
>
>
> Thanks,
> Xuelei
>
>> On Apr 13, 2022, at 2:47 PM, xueleifan(XueleiFan) <xueleifan at tencent.com> wrote:
>>
>> Hi Daniel,
>>
>> Actually, I’m considering the improvement, by using cached compressed certificates, for the implementation. The solution is not straightforward yet to me. But it is a direction I will consider seriously.
>>
>> Thanks,
>> Xuelei
>>
>>> On Apr 13, 2022, at 1:01 PM, Daniel Jeliński <djelinski1 at gmail.com> wrote:
>>>
>>> I like the idea of implementing certificate compression. Only one
>>> concern: TLS handshakes are generally a CPU-intensive operation, and
>>> certificate compression / decompression will only make it worse. Will
>>> it be possible to compress a certificate once and use it across
>>> multiple handshakes? Decompression has to be performed every time,
>>> obviously.
>>>
>>> Regards,
>>> Daniel
>>>
>>> pon., 21 mar 2022 o 16:49 xueleifan(XueleiFan) <xueleifan at tencent.com>
>>> napisał(a):
>>>>
>>>> Hi,
>>>>
>>>>
>>>> The JDK Enhancement Proposal, TLS Certificate Compression, has been opened for community review. Detailed, please refer to the draft:
>>>>
>>>> https://bugs.openjdk.java.net/browse/JDK-8281710
>>>>
>>>> and the discussion of this potential feature at security-dev:
>>>>
>>>> https://mail.openjdk.java.net/pipermail/security-dev/2022-March/029242.html
>>>>
>>>>
>>>> Please feel free to make comments and review the JEP.
>>>>
>>>> Thanks,
>>>> Xuelei
>>>
>>
>
More information about the security-dev
mailing list