On Tue, 31 May 2022 13:47:28 GMT, Sean Coffey <coff...@openjdk.org> wrote:
>> Session ticket extension should only contain pre-TLS1.3 stateless session >> tickets; it should not be used for sending TLS1.3 pre-shared keys. > > src/java.base/share/classes/sun/security/ssl/SessionTicketExtension.java line > 410: > >> 408: || chc.resumingSession.getPskIdentity() == null >> 409: || !Arrays.asList(ProtocolVersion.PROTOCOLS_10_12) >> 410: >> .contains(chc.resumingSession.getProtocolVersion())) { > > would `chc.resumingSession.getProtocolVersion().useTLS13PlusSpec()` read > better for your last condition ? Might save on Array allocations also ? good point! ------------- PR: https://git.openjdk.java.net/jdk/pull/8922