RFR: 8372526: Add support for ZLIB TLS Certificate Compression [v6]
Jaikiran Pai
jpai at openjdk.org
Fri Jan 23 09:32:30 UTC 2026
On Fri, 23 Jan 2026 03:33:52 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Implement certificate compression in TLS 1.3 using internally supported ZLIB compression algorithm. See RFC 8879 for more details:
>> https://datatracker.ietf.org/doc/html/rfc8879
>
> Artur Barashev has updated the pull request incrementally with two additional commits since the last revision:
>
> - Add COMPRESSED_CERTIFICATE to the QUIC list of expected TLS messages
> - Add back the library directive
src/java.base/share/classes/sun/security/ssl/CompressionAlgorithm.java line 98:
> 96:
> 97: Map<Integer, Function<byte[], byte[]>> inflaters =
> 98: new LinkedHashMap<>(config.certInflaters.size());
Hello Artur, is this intentionally using the constructor which takes a `initialCapacity` or was it meant to be the number of expected mappings? If it's the latter, then there's `LinkedHashMap.newLinkedHashMap()` method https://docs.oracle.com/en/java/javase/25/docs/api/java.base/java/util/LinkedHashMap.html#newLinkedHashMap(int) which takes the expected number of mappings.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28682#discussion_r2720415224
More information about the security-dev
mailing list