Hi,
Could I get the following update reviewed?
RFE: https://bugs.openjdk.java.net/browse/JDK-8206925
CSR: https://bugs.openjdk.java.net/browse/JDK-8244441
Release-note: https://bugs.openjdk.java.net/browse/JDK-8244460
webrev: http://cr.openjdk.java.net/~xuelei/8206925/webrev.00/
The "certificate_authorities" extension is an optional extension
introduced in TLS 1.3 and used to indicate the certificate authorities
(CAs) which an endpoint supports and which SHOULD be used by the
receiving endpoint to guide certificate selection.
In TLS 1.2, this function is built in the CertificateRequest handshake
massage.
This function is supported in TLS 1.2 and prior versions. However, it is
not implemented in the TLS 1.3 implementation. Without this function,
the authentication certificate selected may be not the one the peer
could accepted, when there are multiple certificates available.
Thanks,
Xuelei
