Hi, On Fri, Sep 25, 2015 at 2:15 PM, David M. Lloyd <david.ll...@redhat.com> wrote: > ...why does sorting even matter? Why should selection not be implemented > 100% in user code, based on both the cipher suites list and application > protocol, rendering this whole discussion pointless? It's clearly a complex > enough process (which is highly protocol-specific) that it seems to me quite > unlikely that the JDK can possibly implement this in a way that will work > for all use cases.
Bradford can certainly provide more context here, but the "tuple selection" approach would have required a (large) rewrite of the current mechanism, and it was discarded because of resource constraints. > In fact, why not just use the SSLExplorer approach and be done with this > already? You mean this ? http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/samples/sni/SSLExplorer.java Can you expand on how such approach would look like ? Seems overkill to me, and all in the hands of application developers ? -- Simone Bordet http://bordet.blogspot.com --- Finally, no matter how good the architecture and design are, to deliver bug-free software with optimal performance and reliability, the implementation technique must be flawless. Victoria Livschitz