On Mon, 25 Jan 2021 22:17:56 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> The TLS protocols are designed to tolerant unknown TLS extensions. However, >> although it is not common, there are a few TLS implementations that cannot >> handle unknown extensions properly. As results in unexpected >> interoperability issue when new extensions are introduced in JDK. The >> interoperability impact could be mitigated If applications can customize the >> extensions if needed. >> >> With this update, two system properties are added to configure the default >> extensions in either client or server side of TLS connections. Please note >> that the impact of blocking TLS extensions is complicated. For example, a >> TLS connection may not be able to established if a mandatory extension is >> blocked. Please don't use this feature unless you clearly understand the >> impact. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8217633 >> CSR: https://bugs.openjdk.java.net/browse/JDK-8217993 > > Xue-Lei Andrew Fan has updated the pull request incrementally with one > additional commit since the last revision: > > Update copyright years to 2021 Looks good to me. ------------- Marked as reviewed by jnimeh (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/1752
