On 5/6/2015 9:42 PM, Florian Weimer wrote: > On 05/06/2015 01:42 AM, Xuelei Fan wrote: >> As additional APIs are strongly desired, what do you think to make the >> API more general and easy to use? For example, using the name: >> >> SSLParameters.setUseFallbackMode(boolean isFallback) >> boolean SSLParameters.getuseFallbackMode() >> >> We can implement more for this parameters if need to take care of >> additional more problems during fallback negotiation. Instinctively, >> developers and code reviewers would not call this APIs unless this is a >> real fallback negotiation, I think. > > Sounds reasonable. I have add an @implNote mentioning that the default > provider sends TLS_FALLBACK_SCSV. > > <http://cr.openjdk.java.net/~fweimer/8061798/webrev.01/> > I guess the new webrev may be: http://cr.openjdk.java.net/~fweimer/8061798/webrev.02/
Xuelei > There are now additional tests which explicitly verify the cipher suite > list sent by the client. >
