On Wed, 20 Mar 2024 12:05:47 GMT, Sean Coffey <coff...@openjdk.org> wrote:
>> Got it. Thanks.. CH legacy_session_id uses this check for non-empty >> sessionId. > > just see this comment regards `useCompatibilityMode` - I'd a similar concern. > shouldn't useCompatibilityMode be checked no matter what value we get for > `clientHello.sessionId.length() `? `useCompatibilityMode` is a client-side setting. See [the spec](https://www.rfc-editor.org/rfc/rfc8446#page-141): > if the client sends a non-empty session ID, the server MUST send the > change_cipher_spec as described in this appendix. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531998441
