Like XDH, these...
->
Like XDH (i.e. x25519/x448), these...
You might provide a link to the original XDH JEP (JDK-8181595) and later
CSR (JDK-8224520) and/or JDK-8171279.
and for use in automatic certificate selection for certificate messages.
->
and for use in certificate selection for certificate messages.
KeyManagers aren't required to be "automatic." e.g. the old plugin used
to popup a dialog box that waited for the user to select which key/cert
to use.
What specific key values will be used on the KeyManager.*ClientAlias*()?
"signature_algorithms and signature_algorithms_cert"
I was originally going to suggest trying to describe these functions and
whether they appear in TLSv1.2/1.3 but might be a little hard to
explain, but might not be worth it. Your call if so.
Otherwise, this looks good. I've added myself as reviewer.
Brad
On 10/14/2020 2:08 PM, Sean Mullan wrote:
In the Summary and Solution sections, can you be more specific as to
what TLS versions will be supported?
Can you also show what the order of signature schemes is before and
after the change, for each TLS version? I think this would make it more
clear about what the priority of the new schemes is.
Thanks,
Sean
On 10/13/20 1:59 PM, Jamil Nimeh wrote:
Hi Folks,
I just put out the draft CSR for the RFE that adds EdDSA support in
JSSE. If anyone has some spare cycles to review this I'd appreciate it.
https://bugs.openjdk.java.net/browse/JDK-8254709
Thanks,
--Jamil
