Hi Tony,
The Specification section looks more like the implementation details.
We may change the implementation details again in the future. It may be
more suitable to move it to the Solution section, or just remove it. In
the Specification section, I may just say something like, "No APIs
changes. The SunJSSE provider is updated to throw
UnsupportedOperationException if SSLContext.SSLServerSocketFactory() or
SSLContext.SSLSocketFactory() get called for DTLS algorithms SSLContext".
Thanks,
Xuelei
On 8/7/2018 4:14 PM, Anthony Scarpino wrote:
Hi Xuelei,
I have updated the csr and I believe I have addressed your comments.
thanks
Tony
On 08/07/2018 01:43 PM, Xuelei Fan wrote:
Hi Tony,
Would you mind make it clear that this impact the JDK JSSE provider
only? Third party's provider may be able to support DTLS with SSLSocket.
I think there may be no specification change. The
SSLContext.getServerSocketFactory() and SSLContext.getSocketFactory()
defines the spec if the algorithm is not supported by the underlying
provider, "UnsupportedOperationException - if the underlying provider
does not implement the operation.". I may prefer to make it clear
that this is just a behavior change of the JDK JSSE provider
(SunJSSE). The SunJSSE provider now throws
UnsupportedOperationException for creating SSL(Server)SocketFactory
with DTLS SSLContext, because it does not actually support DTLS
SSLSocket.
In Solution section, "Throwing a UnsupportedOperationException when
getting a socket from the SSLServerSocketFactory or SSLSocketFactory
for DTLS." I guess you meant, throwing a UOE when calling
SSLContext.getServerSocketFactory() and SSLContext.getSocketFactory()?
Thanks,
Xuelei
On 8/7/2018 12:17 PM, Anthony Scarpino wrote:
I need a review of a CSR for SSLSocket should throw an exception when
configuring DTLS. We are targeting this for 12 right now.
https://bugs.openjdk.java.net/browse/JDK-8209031
thanks
Tony
