Re: RFR 8211018: Session Resumption without Server-Side State

Fri, 24 May 2019 08:53:15 -0700 

SSLSessionContext.java
----------------------
As comment in the CSR review thread, I may not define the jdk.tls.server.sessionTicketTimeout property, and use one session timeout (SSLSessionContext.getSessionTimeout()) instead. 

The ticket timeout may be not necessary, read more please.

SessionTicketExtension.java
---------------------------

As comment in the CSR review thread, I may not define the key timeout. 
Instead, I may use key usage limit.  As it is stateless server, I may 
not use the stateless session timeout as well, for less states.  The key 
rotation scheme might be able to take place of timeout.  For client 
side, the session context session timeout and management may be 
sufficient for the client side cache cleanup.


StatelessKey.gcmspec:

If I read it right, the same key and iv are used for every ticket 
encryption.  This behavior is vulnerable.  The IV should be unique for 
each encryption.



I would like to avoid to create thread in the fundamental API 
implementation if possible.  As the thread (KeyState.run()) is for 
invalid key cleanup only, the cleanup can be moved to the get methods.



For each StatelessKey, one thread is created.  I was wondering if there 
are any chance that there are multiple threads to manage the stateless 
keys, and potential memory leak?



Anyway, I will try to avoid to use internal thread.  I may use a key 
rotation scheme similar to cookie manager (use two keys, one for legacy 
and one for the current key, see HelloCookieManager.java).



If the key is invalid, an exception will be thrown and then fail back to 
full handshake.  Exception thrown and catch are expensive, I may not 
exception for the failback to full handshake.



Let's discuss these issues firstly before we moving on with more code 
review.


Hope it helps.

Thanks,
Xuelei


On 5/21/2019 5:35 PM, Anthony Scarpino wrote:

Hi all,

I’ve updated in-place some recent changes due to some additional testing

Tony


On May 16, 2019, at 2:30 PM, Anthony Scarpino <anthony.scarp...@oracle.com> 
wrote:

I'm asking for a review of this rather large change to add support stateless 
tickets in the TLS 1.3 5077 RFC.
https://bugs.openjdk.java.net/browse/JDK-8211018

http://cr.openjdk.java.net/~ascarpino/stateless/webrev.00

thanks

Tony
























					Reply via email to