Hi Xuelei,
<src/java.base/share/classes/sun/security/ssl/SSLCredentials.java>
<src/java.base/share/classes/sun/security/ssl/SSLPossessionGenerator.java>
<src/java.base/share/classes/sun/security/ssl/SSLPossession.java>
<src/java.base/share/classes/sun/security/ssl/SSLKeyDerivationGenerator.java>
These look fine.
<src/java.base/share/classes/sun/security/ssl/SSLKeyAgreement.java>
- kind of strange to see SSLKeyAgreement extends
SSLKeyAgreementGenerator... Normally, the naming convention implies one
generates the other.
<src/java.base/share/classes/sun/security/ssl/SSLKeyAgreementGenerator.java>
- same method name as in SSLKeyDerivationGenerator. I assume that this
is intentional as both are meant to derive keys, but with different
parameters?
Still have a few more left to review.
Valerie
On 5/25/2018 4:45 PM, Xuelei Fan wrote:
Hi,
I'd like to invite you to review the TLS 1.3 implementation. I
appreciate it if I could have compatibility and specification feedback
before May 31, 2018, and implementation feedback before June 7, 2018.
Here is the webrev:
http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.00
The formal TLS 1.3 specification is not finalized yet, although it had
been approved to be a standard. The implementation is based on the
draft version 28:
https://tools.ietf.org/html/draft-ietf-tls-tls13-28
For the overall description of this enhancement, please refer to JEP 332:
http://openjdk.java.net/jeps/332
For the compatibility and specification update, please refer to CSR
8202625:
https://bugs.openjdk.java.net/browse/JDK-8202625
Note that we are using the sandbox for the development right now. For
more information, please refer to Bradford's previous email:
http://mail.openjdk.java.net/pipermail/security-dev/2018-May/017139.html
Thanks & Regards,
Xuelei
