Mark Murphy: > On Fri, Mar 18, 2016, at 06:52, Hans-Christoph Steiner wrote: >> Also, to use the K-9 technique that does not use reflection, >> TlsOnlySocketFactory will need to be a subclass of >> SSLCertificateSocketFactory rather than SSLSocketFactory. I think >> that's probably the best approach. > > Agreed. I didn't do that in the work that I did for my book chapter, to > minimize changes to NetCipher's core code. This area was the only thing > that I needed to change anything in existing NetCipher, and I figured > that adding a stopgap method to TlsOnlySocketFactory was less intrusive > than changing its base class.
At this point, this should be integrated into NetCipher as simply as possible. Hopefully making TlsOnlySocketFactory a subclass of SSLCertificateSocketFactory does not cause other things to explode... .hc -- PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
