Re: Code Review Request: TLS 1.3 Implementation

Fri, 15 Jun 2018 14:12:02 -0700 

Update: http://hg.openjdk.java.net/jdk/sandbox/rev/125890684a60

Supports supported_versions extension for TLS 1.2 and prior versions.

Xuelei

On 6/15/2018 7:56 AM, Xuelei Fan wrote:

SSLExtension.java
-----------------
The "supported_versions" can be used in TLS 1.2 ClientHello, per the specification: 

    Implementations of TLS 1.3 which choose to support prior
    versions of TLS SHOULD support TLS 1.2.  Servers MUST be prepared to
    receive ClientHellos that include this extension but do not include
    0x0304 in the list of versions.
Although, the extension cannot be use in ServerHello for TLS 1.2 and prior versions: 

    A server which negotiates a version of TLS prior to TLS 1.3 MUST set
    ServerHello.version and MUST NOT send the "supported_versions"
    extension.

Xuelei

On 6/8/2018 10:21 AM, Xuelei Fan wrote:

Here is the 3rd full webrev:
    http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02

and the delta update to the 1st webrev:
    http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.01

Xuelei

On 6/3/2018 9:43 PM, Xuelei Fan wrote:

Hi,

Here it the 2nd full webrev:
   http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01

and the delta update to the 1st webrev:
   http://cr.openjdk.java.net/~xuelei/8196584/webrev-delta.00/

Xuelei

On 5/25/2018 4:45 PM, Xuelei Fan wrote:

Hi,
I'd like to invite you to review the TLS 1.3 implementation.  I appreciate it if I could have compatibility and specification feedback before May 31, 2018, and implementation feedback before June 7, 2018. 

Here is the webrev:
     http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
The formal TLS 1.3 specification is not finalized yet, although it had been approved to be a standard.  The implementation is basedon the draft version 28: 
     https://tools.ietf.org/html/draft-ietf-tls-tls13-28
For the overall description of this enhancement, please refer to JEP 332: 
     http://openjdk.java.net/jeps/332
For the compatibility and specification update, please refer to CSR 8202625: 
     https://bugs.openjdk.java.net/browse/JDK-8202625
Note that we are using the sandbox for the development right now. For more information, please refer to Bradford's previous email:
http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html 

Thanks & Regards,
Xuelei

Reply via email to