Updates to address these comments:
http://hg.openjdk.java.net/jdk/sandbox/rev/2dc6efcdeb11
http://hg.openjdk.java.net/jdk/sandbox/rev/97447478b7da
On 6/3/2018 8:24 PM, Xuelei Fan wrote:
> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
PskKeyExchangeModesExtension.java
---------------------------------
66 static final class PskKeyExchangeModesSpec implements
SSLExtensionSpec {
67
68
69 final List<PskKeyExchangeMode> modes;
This class can be private.
The modes may be null if an invalid value is used. No code to check
if the value if valid and behavior accordingly. The lacking of the
checking could have unexpected issues.
Xuelei
On 5/25/2018 4:45 PM, Xuelei Fan wrote:
Hi,
I'd like to invite you to review the TLS 1.3 implementation. I
appreciate it if I could have compatibility and specification
feedback before May 31, 2018, and implementation feedback before June
7, 2018.
Here is the webrev:
http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
The formal TLS 1.3 specification is not finalized yet, although it
had been approved to be a standard. The implementation is based on
the draft version 28:
https://tools.ietf.org/html/draft-ietf-tls-tls13-28
For the overall description of this enhancement, please refer to JEP
332:
http://openjdk.java.net/jeps/332
For the compatibility and specification update, please refer to CSR
8202625:
https://bugs.openjdk.java.net/browse/JDK-8202625
Note that we are using the sandbox for the development right now.
For more information, please refer to Bradford's previous email:
http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
Thanks & Regards,
Xuelei