<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<ul>
<li>DHKeyExchange.java</li>
<ul>
<li>177-192: Am I missing something or does isRecovering get
defined as false and never gets set to true within the
lifetime of the variable? Do we still need this?</li>
<li>178: Nit/typo: "recove" --> "recover"<br>
</li>
<li>207-210: Catching Exception seems really broad. Can you
cover all your checked exception cases with
GeneralSecurityException and just let the unchecked exceptions
throw as-is without wrapping them inside RuntimeException?</li>
</ul>
<li>DHServerKeyExchange.java</li>
<ul>
<li>69-71: Can the p/g/y fields be final?</li>
</ul>
</ul>
<p>More on the way.<br>
</p>
--Jamil<br>
<blockquote type="cite"
cite="mid:b9b22692-9c53-ba2d-f16d-6e94c20be729@oracle.com">
<br>
On 6/8/2018 10:21 AM, Xuelei Fan wrote:
<br>
<blockquote type="cite">Here is the 3rd full webrev:
<br>
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02">http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02</a>
<br>
<br>
and the delta update to the 1st webrev:
<br>
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01">http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01</a>
<br>
<br>
Xuelei
<br>
<br>
On 6/3/2018 9:43 PM, Xuelei Fan wrote:
<br>
<blockquote type="cite">Hi,
<br>
<br>
Here it the 2nd full webrev:
<br>
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01">http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01</a>
<br>
<br>
and the delta update to the 1st webrev:
<br>
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/">http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/</a>
<br>
<br>
Xuelei
<br>
<br>
On 5/25/2018 4:45 PM, Xuelei Fan wrote:
<br>
<blockquote type="cite">Hi,
<br>
<br>
I'd like to invite you to review the TLS 1.3
implementation. I appreciate it if I could have
compatibility and specification feedback before May 31,
2018, and implementation feedback before June 7, 2018.
<br>
<br>
Here is the webrev:
<br>
<a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00">http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00</a>
<br>
<br>
The formal TLS 1.3 specification is not finalized yet,
although it had been approved to be a standard. The
implementation is based on the draft version 28:
<br>
<a class="moz-txt-link-freetext" href="https://tools.ietf.org/html/draft-ietf-tls-tls13-28">https://tools.ietf.org/html/draft-ietf-tls-tls13-28</a>
<br>
<br>
For the overall description of this enhancement, please
refer to JEP 332:
<br>
<a class="moz-txt-link-freetext" href="http://openjdk.java.net/jeps/332">http://openjdk.java.net/jeps/332</a>
<br>
<br>
For the compatibility and specification update, please refer
to CSR 8202625:
<br>
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8202625">https://bugs.openjdk.java.net/browse/JDK-8202625</a>
<br>
<br>
Note that we are using the sandbox for the development right
now. For more information, please refer to Bradford's
previous email:
<br>
<br>
<a class="moz-txt-link-freetext" href="http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html">http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html</a>
<br>
<br>
Thanks & Regards,
<br>
Xuelei
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<br>
</body>
</html>