Re: RFR 8072996: Deprecate stream-based GSSContext methods

Thu, 24 May 2018 17:28:41 -0700 

CSR and webrev updated.

   webrev: http://cr.openjdk.java.net/~weijun/8072996/webrev.01/
      CSR: https://bugs.openjdk.java.net/browse/JDK-8202953

Thanks
Max

> On May 25, 2018, at 1:06 AM, Sean Mullan <sean.mul...@oracle.com> wrote:
> 
> For the new paragraph in GSSContext, I think you should quote RFC 8353 since 
> you are taking the wording from that. You should also say "Java SE 11" 
> instead of "JDK 11". So here is a possible re-wording:
> 
> The stream-based methods of {@code GSSContext} have been deprecated in Java 
> SE 11. These methods have also been removed from <a 
> href="http://tools.ietf.org/html/rfc8353";>
> RFC 8353: Generic Security Service API Version 2: Java Bindings Update</a> 
> for the following reasons (see section 11): "The overloaded methods of 
> GSSContext that use input and output streams as the means to convey 
> authentication and per-message GSS-API tokens as described in Section 5.15 of 
> RFC 5653 [RFC5653] are removed in this update as the wire protocol should be 
> defined by an application and not a library. It's also impossible to 
> implement these methods correctly when the token has no self-framing (where 
> the end cannot be determined), or the library has no knowledge of the token 
> format (for example, as a bridge talking
> to another GSS library)". These methods include {@link 
> #initSecContext(InputStream, OutputStream)}, {@link 
> #acceptSecContext(InputStream, OutputStream)},
> {@link #wrap(InputStream, OutputStream, MessageProp)}, {@link 
> #unwrap(InputStream, OutputStream, MessageProp)}, {@link #getMIC(InputStream, 
> OutputStream, MessageProp)}, and {@link #verifyMIC(InputStream, InputStream, 
> MessageProp)}.
> 
> I would probably also move this paragraph higher up in the class summary, 
> before the example.
> 
> --Sean
> 
> On 5/24/18 2:12 AM, Weijun Wang wrote:
>> RFC 8353 has removed stream-based GSSContext methods [1]. Therefore we 
>> deprecate them in JDK. Please take a review at
>>    webrev: http://cr.openjdk.java.net/~weijun/8072996/webrev.00/
>>       CSR: https://bugs.openjdk.java.net/browse/JDK-8202953
>> Thanks
>> Max
>> [1] https://tools.ietf.org/html/rfc8353#section-11

Reply via email to