Hi -
Every so often I run into some rather strange things in the way the Sun
EC classes were built. Most recently, I was trying to use the SunEC
provider to do a PACE like protocol. Basically, the idea was to be able
to generate public key points on the P-256 curve, but with a different
Looks good.
--Sean
On 7/12/18 2:51 PM, Rajan Halade wrote:
Please review this fix to add T-systems, GlobalSign, and Starfield
services root certificates to cacerts.
Webrev: http://cr.openjdk.java.net/~rhalade/8199779/webrev.00/
Thanks,
Rajan
Looks fine to me.
Thanks,
Xuelei
On 7/12/2018 10:39 PM, sha.ji...@oracle.com wrote:
Hi,
JDK-8028563 has removed javac support for 6/1.6 source and target, so
the following tests has to be updated accordingly.
javax/net/ssl/compatibility/Compatibility.java
On 7/12/2018 1:17 PM, Simone Bordet wrote:
Hi,
On Thu, Jul 12, 2018 at 9:29 PM Xuelei Fan wrote:
Per the TLS 1.3 specification:
- The server sends a dummy change_cipher_spec record immediately
after its first handshake message. This may either be after a
ServerHello or a
On 7/12/18 10:23 PM, Weijun Wang wrote:
On Jul 13, 2018, at 10:01 AM, Valerie Peng wrote:
Hi Max,
The javadoc is for Signature.getParameters(), so null can be returned for
signature algorithms which do not use parameters, e.g. SHA256withDSA. As
Signature class covers all signature
Here's a new Webrev that includes this change:
http://cr.openjdk.java.net/~apetcher/8206929/webrev.01/
On 7/12/2018 1:02 PM, Xuelei Fan wrote:
Set it in PostHandshakeContext should be fine as the session should
have been negotiated.
Thanks,
Xuelei
On 7/12/2018 9:57 AM, Adam Petcher wrote:
PreSharedKeyExtension.java
--
The local supported signature algorithms are checked in the canRejoin()
method. Should the peer supported signature algorithms be checked as well?
Thanks,
Xuelei
On 7/13/2018 8:08 AM, Adam Petcher wrote:
Here's a new Webrev that includes
On 7/13/2018 11:34 AM, Xuelei Fan wrote:
PreSharedKeyExtension.java
--
The local supported signature algorithms are checked in the
canRejoin() method. Should the peer supported signature algorithms be
checked as well?
I don't think so. When the peer creates its
I think we need to check more aspects, for both the session resumption
producer and consumer:
1. the local is able to resume the session.
2. the peer is able to resume the session.
3. the change of the security parameters does not impact the resumption.
So, for the protocol version checking in
On 7/13/2018 1:35 PM, Xuelei Fan wrote:
I think we need to check more aspects, for both the session resumption
producer and consumer:
1. the local is able to resume the session.
2. the peer is able to resume the session.
3. the change of the security parameters does not impact the resumption.
Hmm, I like the idea of expanding null to cover both cases.
I will explore it more and see.
Thanks for the feedback,
Valerie
On 7/13/2018 6:56 AM, Sean Mullan wrote:
On 7/12/18 10:23 PM, Weijun Wang wrote:
On Jul 13, 2018, at 10:01 AM, Valerie Peng
wrote:
Hi Max,
The javadoc is for
Hi,
On Fri, Jul 13, 2018 at 3:45 PM Xuelei Fan wrote:
> Thank you very much, Simone. I find at least two improvements we can
> take. It's really good!
Great!
Let know when they land in a 11+X release and we'll try them out.
Thanks!
--
Simone Bordet
---
Finally, no matter how good the
Thanks for updating the webrev, I will take a look.
Valerie
On 7/10/2018 10:18 AM, Martin Balao wrote:
Hi,
Webrev 04 for JDK-8029661 is ready:
*
http://cr.openjdk.java.net/~mbalao/webrevs/8029661/8029661.webrev.04.zip
On 7/13/2018 12:13 PM, Adam Petcher wrote:
On 7/13/2018 1:35 PM, Xuelei Fan wrote:
I think we need to check more aspects, for both the session resumption
producer and consumer:
1. the local is able to resume the session.
2. the peer is able to resume the session.
3. the change of the security
14 matches
Mail list logo