> The TLS protocols are designed to tolerant unknown TLS extensions. However, > although it is not common, there are a few TLS implementations that cannot > handle unknown extensions properly. As results in unexpected interoperability > issue when new extensions are introduced in JDK. The interoperability impact > could be mitigated If applications can customize the extensions if needed. > > With this update, two system properties are added to configure the default > extensions in either client or server side of TLS connections. Please note > that the impact of blocking TLS extensions is complicated. For example, a > TLS connection may not be able to established if a mandatory extension is > blocked. Please don't use this feature unless you clearly understand the > impact. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8217633 > CSR: https://bugs.openjdk.java.net/browse/JDK-8217993
Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision: rename the system property names ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/1752/files - new: https://git.openjdk.java.net/jdk/pull/1752/files/5bd6e865..88beb8ae Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=1752&range=02 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=1752&range=01-02 Stats: 158 lines in 3 files changed: 75 ins; 75 del; 8 mod Patch: https://git.openjdk.java.net/jdk/pull/1752.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/1752/head:pull/1752 PR: https://git.openjdk.java.net/jdk/pull/1752
