Tony and I had a private chat, and I understand his concerns better now.
The name of the variable TransportContext.needEmptySessionTicket is
confusing. I updated it to "needHandshakeFinishedStatus" per the
suggestion, together with other change according to the comments.
Here is the new webr
> On May 28, 2020, at 8:46 AM, Valerie Peng wrote:
>
> Hi Max,
>
> I like this new structure better. Much easier to understand. Most of the
> changes are technical debt that's accumulated inside PKCS8Key class.
>
> A few notable differences which I am not so sure about are
>
> - the encode
Hi Max,
I like this new structure better. Much easier to understand. Most of the
changes are technical debt that's accumulated inside PKCS8Key class.
A few notable differences which I am not so sure about are
- the encodedKey is returned by getEncoded() directly w/o cloning, and
- the protec
Hi,
I need a javadoc review for a Signature/SignatureSpi parameters change
that is needed to the spec, which affects EdDSA. The existing spec was
very strict in the way set and get parameters were handled. This
modifies that slightly by allowing null to be returned by the get
methods when i
On 5/22/20 6:38 PM, Xuelei Fan wrote:
On 5/22/2020 11:17 AM, Sean Mullan wrote:
On 5/22/20 1:55 PM, Xuelei Fan wrote:
* test/jdk/sun/security/ssl/X509TrustManagerImpl/TooMuchCAs.java
Will this test FAIL if we ever exceed the maximum number of CAs? I
think it is important that it does FAIL, as
Hello Aleks,
I mean “com.sun.jndi.ldap.connect.timeout” property.
The positive value forces to start TLS handshake and wait for it completion
during the connectTimeout milliseconds:
Connection.java
>> if (connectTimeout > 0) {
>> int socketTimeout = sslSocket.getSoTimeout();
>> sslSocket.
Hi Ben,
The tutorial is impressive to me.
Thanks for the reporting, I filed a RFE for the tracking:
https://bugs.openjdk.java.net/browse/JDK-8245983
Xuelei
On 5/27/2020 7:23 AM, Ben Smyth wrote:
I have written a TLS 1.3 tutorial
(https://bensmyth.com/publications/2019-TLS-tutorial/) which
I have written a TLS 1.3 tutorial (
https://bensmyth.com/publications/2019-TLS-tutorial/) which includes source
code from JDK 11. Whilst explaining the code, I noticed some possible
refactoring that would simplify the (JDK 11 & current) code base:
- createHkdfInfo is defined three times:
SSLBasicK
Hi Max,
You are right, It is possible that algorithm name is not confirm
With format.
As soon as RFC5929 does not specify this situation I would suggest to use
“SHA-256” hash instead of throwing SaslException exception.
Regards
Alexey
> On 27 May 2020, at 13:25, Weijun Wang wrote:
>
>
>
>>
Hi Alexey,
I have question about timeouts:
LdapCtx has 2 timeout properties: connectTimeout and readTimeout.
First one is for controlling the Socket::connect timeout
(Connection::createSocket), another - for reading out the replies
(Connection::readReply).
Both of them have default values set t
Hello Bernd,
> On 27 May 2020, at 13:12, Bernd Eckenfels wrote:
>
> LdapCtxt:
> 2568 /**
> 2569 * Sets the read timeout value
> 2570 */
> 2571 private void setChannelBindingType(String cbTypeProp) {
Thank you. This is misprint. Should be “Sets the channel binding type”
About
> On May 21, 2020, at 3:35 PM, Alexey Bakhtin wrote:
>
> The hash algorithm is selected on the base of the certificate
> signature algorithm.
> Also, the client should use SHA-256 algorithm, in case of the
> certificate signature algorithm is SHA1 or MD5
According to ht
LdapCtxt:
2568 /**
2569 * Sets the read timeout value
2570 */
2571 private void setChannelBindingType(String cbTypeProp) {
Not sure if that javadoc is the right one? And I also wonder if enforcing the
timeout is needed, and if yes if it should be documented why. Was not obv
On 21/05/2020 18:24, Simon Tooke wrote:
> This change implements the given intrinsics on Windows.
Thank you.
Does julong work on Windows, rather than unsigned long long? If not,
perhaps a local typedef might help. All those "unsigned log long"s
look a bit clumsy.
--
Andrew Haley (he/him)
Java
Hello Valerie,
Unfortunately, Windows LDAP server with LdapEnforceChannelBinding=2 does not
accept GSS_C_AF_NULLADDR address type.
This is exact reason of these changes.
I’ve tried to fix inconsistency of address type value in the latest webrev:
http://cr.openjdk.java.net/~abakhtin/8245527/webrev
15 matches
Mail list logo
