Thanks, Brad, for your answer.
I have looked at the source code and think I understand the TLS 1.0 code, but
not the TLS 1.2 code
As my understanding of HTTPS is not firm, I put your answer in the observed
context to make sure I understood correctly:
The client logs the following Certificate Re
> This enhancement allows the underlying OCSP subsystem to submit OCSP requests
> using HTTP GET when the request is less than or equal to 255 bytes as
> documented in RFC 6960 and clarified in RFC 5019.
Jamil Nimeh has updated the pull request with a new target base due to a merge
or a rebase.
On Wed, 30 Dec 2020 23:33:14 GMT, Jamil Nimeh wrote:
>> This enhancement allows the underlying OCSP subsystem to submit OCSP
>> requests using HTTP GET when the request is less than or equal to 255 bytes
>> as documented in RFC 6960 and clarified in RFC 5019.
>
> Jamil Nimeh has updated the pul
On Thu, 31 Dec 2020 04:58:50 GMT, Xue-Lei Andrew Fan wrote:
>> Jamil Nimeh has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains four additional
>> co
On Thu, 31 Dec 2020 05:06:02 GMT, Xue-Lei Andrew Fan wrote:
>> Jamil Nimeh has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains four additional
>> co
On Thu, 31 Dec 2020 04:42:47 GMT, Xue-Lei Andrew Fan wrote:
>> Jamil Nimeh has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains four additional
>> co
On Thu, 31 Dec 2020 05:31:21 GMT, Jamil Nimeh wrote:
>> src/java.base/share/classes/sun/security/provider/certpath/OCSP.java line
>> 235:
>>
>>> 233:
>>> 234: URL url;
>>> 235: HttpURLConnection con;
>>
>> I was just wondering, if the new httpclient APIs could be used here? M
On Thu, 31 Dec 2020 06:03:26 GMT, Xue-Lei Andrew Fan wrote:
>> From looking at the javadoc for URLConnection, I think the close has to
>> happen on the Input/OutputStreams. I have the OutputStream inside a
>> try-with-resources block. But I think I need to do the same with the
>> InputStream
> This enhancement allows the underlying OCSP subsystem to submit OCSP requests
> using HTTP GET when the request is less than or equal to 255 bytes as
> documented in RFC 6960 and clarified in RFC 5019.
Jamil Nimeh has updated the pull request incrementally with one additional
commit since the
