On 6/1/2018 7:11 AM, Xuelei Fan wrote:
> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
CookieExtension.java
HelloRequest.java
HelloVerifyRequest.java
--------------------
Looks fine to me.
HKDF.java
---------
46 class HKDF {
Use "final class"?
JJN: Yes, I don't see us needing to derive child classes from this.
- 65 hmacObj = Mac.getInstance(hmacAlg);
+ 65 hmacObj = JsseJce.getMac(hmacAlg);
In case a specific crypto provider is customized.
200 SecretKey extractExpand(...
226 SecretKey extractExpand(SecretKey inputKey, ...
These two methods are not used. I may suggest remove them for now.
We can add them back if necessary in the future.
JJN: Yes to both of your suggested changes...they both sound fine.
Xuelei
On 5/25/2018 4:45 PM, Xuelei Fan wrote:
Hi,
I'd like to invite you to review the TLS 1.3 implementation. I
appreciate it if I could have compatibility and specification
feedback before May 31, 2018, and implementation feedback before June
7, 2018.
Here is the webrev:
http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
The formal TLS 1.3 specification is not finalized yet, although it
had been approved to be a standard. The implementation is based on
the draft version 28:
https://tools.ietf.org/html/draft-ietf-tls-tls13-28
For the overall description of this enhancement, please refer to JEP
332:
http://openjdk.java.net/jeps/332
For the compatibility and specification update, please refer to CSR
8202625:
https://bugs.openjdk.java.net/browse/JDK-8202625
Note that we are using the sandbox for the development right now.
For more information, please refer to Bradford's previous email:
http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
Thanks & Regards,
Xuelei
