JEP 244: TLS Application-Layer Protocol Negotiation Extension

Thomas Lußnig openjdk at suche.org
Mon Apr 13 14:58:53 UTC 2015


On 10.04.2015 00:36, mark.reinhold at oracle.com wrote:
> New JEP Candidate: http://openjdk.java.net/jeps/244
>
> - Mark

Hi,

Would it not be a great idea to combine all these new extensions into a
generic way to handle the SSL protocol handshake?

JEPS-244 ALPN
http://openjdk.java.net/jeps/8046321 := OCSP-Stapling
http://tools.ietf.org/html/draft-balfanz-tls-channelid-01

public interface HelloHandler {
    /** Allows adding extensions to the Server/Client Hello based on the Client/Server Hello. */
    public void handleHelloMessage(ClientHello clientHello, ServerHello serverHello);
    /** Allows adding new handshake messages based on the Client/Server Hello. */
    public void sendHandshakeMessage(HandshakeOutStream handshakeOutStream, ClientHello clientHello, ServerHello serverHello);
    /** Defines an order of the extensions. */
    Class<? extends HelloHandler> runBefore();
    Class<? extends HelloHandler> runAfter();
}

With such an extension option it would be much simpler to implement
new extensions.

Regards, Thomas Lußnig


