Re: Radomly Failed (RSA2013)
Hi Bernd, we already discussed the problems together with Brad during the JEP 123 proposal conception. Most problems had already been adressed by his proposal or were already known. But nevertheless, thanks for highlighting :-) Cheers from Bochum, Chris On Sunday 24 March 2013 20:43:38 Bernd Eckenfels wrote: Hallo, I am quite sure you received the paper directly, but nevertheless I want to be sure and point it out here on the list as well. http://www.scribd.com/doc/131955288/Randomly-Failed-The-State-of-Randomness- in-Current-Java-Implementations Kai Michaelis, Christopher Meyer and Jörg Schwenk - Ruhr Uni Bochum Abstract: This paper investigates the Randomness of several Java Run-time Libraries by inspecting the integrated Pseudo Random NumberGenerators. Significant weaknesses in different libraries including An-droid, are uncovered. For the OpenJDK most of the critics was in regards of the size limited state pool for the SHA-1 generator. I guess the analysis of the entropy collector is not that relevant, and since SHA1PRNG is miving with native random on most platforms it is also not so critical. However when building a strong version for key generation the state space should be defined/observed in spec, I think? Greetings Bernd PS: found this Paper via Kris Köhntopp, I think it is from the Cryptography Track at RSA 2013 conference. __ Dipl.-Ing. Christopher Meyer Horst Görtz Institute for IT-Security Chair for Network and Data Security Ruhr-University Bochum, Germany Universitätsstr. 150, ID 2/415 D-44801 Bochum, Germany http:// www.nds.rub.de Phone: (+49) (0)234 / 32 - 29815 Fax: (+49) (0)234 / 32 - 14347
Re: Next Protocol Negotiation TLS Extension
Hi, On Fri, Mar 22, 2013 at 1:08 AM, Brad Wetmore bradford.wetm...@oracle.com wrote: Hi Simone, I haven't looked at the proposal yet, but just from a scheduling point of view, unfortunately we're finishing up the implementation of the last of the planned features for JDK 8, so getting this into 8 is likely not possible. Likely not possible means totally impossible or if you do this and that, then it's possible ? :) Do you know the status of JEP 114 ? Will it be shipped in JDK 8 ? We have an open bug for this (JDK-8007785) and it's on the radar for JDK 9. Ok, if impossible I will eventually pop up again when JDK 8 is released and JDK 9 work started. Thanks ! -- Simone Bordet http://bordet.blogspot.com --- Finally, no matter how good the architecture and design are, to deliver bug-free software with optimal performance and reliability, the implementation technique must be flawless. Victoria Livschitz
hg: jdk8/tl/jdk: 8010668: builtin JNI libraries should not be unloaded
Changeset: 5d0c891264bf Author:chegar Date: 2013-03-25 14:29 + URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5d0c891264bf 8010668: builtin JNI libraries should not be unloaded Reviewed-by: chegar, alanb Contributed-by: Bill Pittore bill.pitt...@oracle.com ! src/share/native/java/lang/ClassLoader.c
hg: jdk8/tl/jdk: 8010704: The test closed/java/lang/SecurityManager/CheckPackageDefinition.java failed after fix for 8009869
Changeset: d92a96dcbfe1 Author:sundar Date: 2013-03-25 19:25 +0530 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d92a96dcbfe1 8010704: The test closed/java/lang/SecurityManager/CheckPackageDefinition.java failed after fix for 8009869 Reviewed-by: lagergren, hannesw ! src/share/lib/security/java.security-linux ! src/share/lib/security/java.security-solaris
hg: jdk8/tl/jdk: 2 new changesets
Changeset: 470232a8e89d Author:stefank Date: 2013-03-22 15:01 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/470232a8e89d 8005116: NPG: Rename -permstat option for jmap in jdk8 to -clstats Reviewed-by: jmasa, sla Contributed-by: Erik Helin erik.he...@oracle.com ! src/share/classes/sun/tools/jmap/JMap.java Changeset: 518d6087e01f Author:stefank Date: 2013-03-22 15:01 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/518d6087e01f 8004172: Update jstat counter names to reflect metaspace changes Reviewed-by: mchung Contributed-by: Erik Helin erik.he...@oracle.com ! src/share/classes/sun/tools/jstat/resources/jstat_options ! test/sun/tools/jstat/gcCapacityOutput1.awk ! test/sun/tools/jstat/gcCauseOutput1.awk + test/sun/tools/jstat/gcMetaCapacityOutput1.awk ! test/sun/tools/jstat/gcOldOutput1.awk ! test/sun/tools/jstat/gcOutput1.awk - test/sun/tools/jstat/gcPermCapacityOutput1.awk + test/sun/tools/jstat/jstatGcMetaCapacityOutput1.sh - test/sun/tools/jstat/jstatGcPermCapacityOutput1.sh ! test/sun/tools/jstat/lineCounts1.awk ! test/sun/tools/jstat/lineCounts2.awk ! test/sun/tools/jstat/lineCounts3.awk ! test/sun/tools/jstat/lineCounts4.awk ! test/sun/tools/jstat/options1.out ! test/sun/tools/jstat/options2.out ! test/sun/tools/jstat/timeStamp1.awk ! test/sun/tools/jstatd/jstatGcutilOutput1.awk
hg: jdk8/tl/nashorn: 3 new changesets
Changeset: 3b0a0d9d51f0 Author:sundar Date: 2013-03-18 21:03 +0530 URL: http://hg.openjdk.java.net/jdk8/tl/nashorn/rev/3b0a0d9d51f0 8010199: javax.script.Invocable implementation for nashorn does not return null when matching functions are missing Reviewed-by: lagergren, jlaskey ! bin/jjs ! bin/jjssecure ! bin/nashorn ! bin/nashornsecure ! src/jdk/nashorn/api/scripting/NashornScriptEngine.java + test/script/basic/JDK-8010199.js ! test/src/jdk/nashorn/api/scripting/ScriptEngineTest.java Changeset: 606a1946e3e2 Author:jlaskey Date: 2013-03-19 11:03 -0300 URL: http://hg.openjdk.java.net/jdk8/tl/nashorn/rev/606a1946e3e2 8009969: CodeCoverage should use template Reviewed-by: jlaskey, sundar Contributed-by: pavel.stepa...@oracle.com ! make/build.xml ! make/code_coverage.xml ! make/project.properties Changeset: 4be452026847 Author:attila Date: 2013-03-23 00:58 +0100 URL: http://hg.openjdk.java.net/jdk8/tl/nashorn/rev/4be452026847 8010652: Eliminate non-child references in Block/FunctionNode, and make few node types immutable Reviewed-by: jlaskey, lagergren ! make/project.properties ! src/jdk/nashorn/internal/codegen/Attr.java ! src/jdk/nashorn/internal/codegen/ClassEmitter.java ! src/jdk/nashorn/internal/codegen/CodeGenerator.java ! src/jdk/nashorn/internal/codegen/CompilationPhase.java ! src/jdk/nashorn/internal/codegen/Compiler.java ! src/jdk/nashorn/internal/codegen/FinalizeTypes.java ! src/jdk/nashorn/internal/codegen/FoldConstants.java ! src/jdk/nashorn/internal/codegen/FunctionSignature.java ! src/jdk/nashorn/internal/codegen/Lower.java ! src/jdk/nashorn/internal/codegen/MethodEmitter.java ! src/jdk/nashorn/internal/codegen/Splitter.java ! src/jdk/nashorn/internal/codegen/WeighNodes.java ! src/jdk/nashorn/internal/ir/AccessNode.java ! src/jdk/nashorn/internal/ir/Assignment.java ! src/jdk/nashorn/internal/ir/BaseNode.java ! src/jdk/nashorn/internal/ir/BinaryNode.java ! src/jdk/nashorn/internal/ir/Block.java ! src/jdk/nashorn/internal/ir/BreakNode.java ! src/jdk/nashorn/internal/ir/CallNode.java ! src/jdk/nashorn/internal/ir/CaseNode.java ! src/jdk/nashorn/internal/ir/CatchNode.java ! src/jdk/nashorn/internal/ir/ContinueNode.java ! src/jdk/nashorn/internal/ir/DoWhileNode.java ! src/jdk/nashorn/internal/ir/EmptyNode.java ! src/jdk/nashorn/internal/ir/ExecuteNode.java ! src/jdk/nashorn/internal/ir/ForNode.java ! src/jdk/nashorn/internal/ir/FunctionNode.java ! src/jdk/nashorn/internal/ir/IdentNode.java ! src/jdk/nashorn/internal/ir/IfNode.java ! src/jdk/nashorn/internal/ir/IndexNode.java ! src/jdk/nashorn/internal/ir/LabelNode.java + src/jdk/nashorn/internal/ir/LexicalContext.java ! src/jdk/nashorn/internal/ir/LineNumberNode.java ! src/jdk/nashorn/internal/ir/LiteralNode.java ! src/jdk/nashorn/internal/ir/Location.java ! src/jdk/nashorn/internal/ir/Node.java ! src/jdk/nashorn/internal/ir/ObjectNode.java ! src/jdk/nashorn/internal/ir/PropertyNode.java - src/jdk/nashorn/internal/ir/ReferenceNode.java ! src/jdk/nashorn/internal/ir/ReturnNode.java ! src/jdk/nashorn/internal/ir/RuntimeNode.java ! src/jdk/nashorn/internal/ir/SplitNode.java ! src/jdk/nashorn/internal/ir/SwitchNode.java ! src/jdk/nashorn/internal/ir/Symbol.java ! src/jdk/nashorn/internal/ir/TernaryNode.java ! src/jdk/nashorn/internal/ir/ThrowNode.java ! src/jdk/nashorn/internal/ir/TryNode.java ! src/jdk/nashorn/internal/ir/TypeOverride.java ! src/jdk/nashorn/internal/ir/UnaryNode.java ! src/jdk/nashorn/internal/ir/VarNode.java ! src/jdk/nashorn/internal/ir/WhileNode.java ! src/jdk/nashorn/internal/ir/WithNode.java ! src/jdk/nashorn/internal/ir/debug/JSONWriter.java ! src/jdk/nashorn/internal/ir/debug/PrintVisitor.java ! src/jdk/nashorn/internal/ir/visitor/NodeOperatorVisitor.java ! src/jdk/nashorn/internal/ir/visitor/NodeVisitor.java ! src/jdk/nashorn/internal/parser/Parser.java ! src/jdk/nashorn/internal/runtime/Context.java ! src/jdk/nashorn/internal/runtime/resources/Messages.properties ! test/script/basic/JDK-8006755.js ! test/script/basic/NASHORN-837.js ! test/src/jdk/nashorn/internal/codegen/CompilerTest.java
Re: Next Protocol Negotiation TLS Extension
On 3/25/2013 6:59 AM, Simone Bordet wrote: Hi, On Fri, Mar 22, 2013 at 1:08 AM, Brad Wetmore bradford.wetm...@oracle.com wrote: Hi Simone, I haven't looked at the proposal yet, but just from a scheduling point of view, unfortunately we're finishing up the implementation of the last of the planned features for JDK 8, so getting this into 8 is likely not possible. Likely not possible means totally impossible or if you do this and that, then it's possible ? :) I would never say totally impossible, but closer to totally impossible than likely not possible. Do you know the status of JEP 114 ? Will it be shipped in JDK 8 ? That is still the expectation. We had to pull 114 temporarily because of a conflict in two projects, and we'll be working on resolving the merge when the engineer is back from vacation. http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8009925 We have an open bug for this (JDK-8007785) and it's on the radar for JDK 9. Ok, if impossible I will eventually pop up again when JDK 8 is released and JDK 9 work started. Planning for JDK 9's features will start well before that. Some of the dev work will already be underway by release. Brad Thanks ! -- Simone Bordet http://bordet.blogspot.com --- Finally, no matter how good the architecture and design are, to deliver bug-free software with optimal performance and reliability, the implementation technique must be flawless. Victoria Livschitz
hg: jdk8/tl/jdk: 8007703: Remove com.sun.servicetag API
Changeset: 5e383a73386a Author:mchung Date: 2013-03-25 17:19 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5e383a73386a 8007703: Remove com.sun.servicetag API Reviewed-by: dholmes, alanb, erikj ! make/com/sun/Makefile ! make/common/Release.gmk ! makefiles/CopyFiles.gmk ! makefiles/CopyIntoClasses.gmk ! makefiles/CreateJars.gmk ! makefiles/GensrcProperties.gmk ! makefiles/profile-includes.txt ! makefiles/profile-rtjar-includes.txt ! test/Makefile
hg: jdk8/tl/jdk: 8010787: changeset for 8007703 is missing the deleted files
Changeset: 335d2156222e Author:mchung Date: 2013-03-25 18:14 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/335d2156222e 8010787: changeset for 8007703 is missing the deleted files Reviewed-by: dholmes, alanb, erikj - make/com/sun/servicetag/Makefile - src/share/classes/com/sun/servicetag/BrowserSupport.java - src/share/classes/com/sun/servicetag/Installer.java - src/share/classes/com/sun/servicetag/LinuxSystemEnvironment.java - src/share/classes/com/sun/servicetag/RegistrationData.java - src/share/classes/com/sun/servicetag/RegistrationDocument.java - src/share/classes/com/sun/servicetag/Registry.java - src/share/classes/com/sun/servicetag/ServiceTag.java - src/share/classes/com/sun/servicetag/SolarisServiceTag.java - src/share/classes/com/sun/servicetag/SolarisSystemEnvironment.java - src/share/classes/com/sun/servicetag/SunConnection.java - src/share/classes/com/sun/servicetag/SystemEnvironment.java - src/share/classes/com/sun/servicetag/UnauthorizedAccessException.java - src/share/classes/com/sun/servicetag/Util.java - src/share/classes/com/sun/servicetag/WindowsSystemEnvironment.java - src/share/classes/com/sun/servicetag/package.html - src/share/classes/com/sun/servicetag/resources/Putback-Notes.txt - src/share/classes/com/sun/servicetag/resources/javase_5_swordfish.properties - src/share/classes/com/sun/servicetag/resources/javase_6_swordfish.properties - src/share/classes/com/sun/servicetag/resources/javase_7_swordfish.properties - src/share/classes/com/sun/servicetag/resources/javase_servicetag.properties - src/share/classes/com/sun/servicetag/resources/jdk_header.png - src/share/classes/com/sun/servicetag/resources/product_registration.xsd - src/share/classes/com/sun/servicetag/resources/register.html - src/share/classes/com/sun/servicetag/resources/register_ja.html - src/share/classes/com/sun/servicetag/resources/register_zh_CN.html - test/com/sun/servicetag/DeleteServiceTag.java - test/com/sun/servicetag/DuplicateNotFound.java - test/com/sun/servicetag/FindServiceTags.java - test/com/sun/servicetag/InstanceUrnCheck.java - test/com/sun/servicetag/InvalidRegistrationData.java - test/com/sun/servicetag/InvalidServiceTag.java - test/com/sun/servicetag/JavaServiceTagTest.java - test/com/sun/servicetag/JavaServiceTagTest1.java - test/com/sun/servicetag/NewRegistrationData.java - test/com/sun/servicetag/SvcTagClient.java - test/com/sun/servicetag/SystemRegistryTest.java - test/com/sun/servicetag/TestLoadFromXML.java - test/com/sun/servicetag/UpdateServiceTagTest.java - test/com/sun/servicetag/Util.java - test/com/sun/servicetag/ValidRegistrationData.java - test/com/sun/servicetag/environ.properties - test/com/sun/servicetag/missing-environ-field.xml - test/com/sun/servicetag/newer-registry-version.xml - test/com/sun/servicetag/registration.xml - test/com/sun/servicetag/servicetag1.properties - test/com/sun/servicetag/servicetag2.properties - test/com/sun/servicetag/servicetag3.properties - test/com/sun/servicetag/servicetag4.properties - test/com/sun/servicetag/servicetag5.properties
