On 7/8/19 8:30 AM, Xuelei Fan wrote:
Hi,
A couple of comments.
In the release note, "For TLS 1.3, stateless tickets use the existing
PSK resumption extension in RFC 8446[2]. TLS 1.3 will revert to the
session cache if the server property is false. "
In CSR, "For TLS 1.3, stateless tickets use the existing PSK resumption
extension in (RFC 8446), which require no properties or settings."
The above two parts of information are not consistent.
Correct, however, while 1.3 uses the existing ticekt mechanism for
stateless and stateful without a property setting. However the contents
of that ticket do depend on the property.
Initially the CSR was more clear about that, but I think as it got
edited in review that information was removed as it described the
property and handshake message relationship more.
Tony
----
RFC 5077[1]
RFC 8446[2]
[1]: https://tools.ietf.org/html/rfc5077
[2]: https://tools.ietf.org/html/rfc8446
Just a very personal preference. May not need the cite references for
RFCs, which are well known.
----
"With less session information cached, some session information may not
be available."
I did not get the idea. These words may be confusing and misleading.
All session information should be available once the session is
established. I may just remove this sentence.
----
TLS 1.2
"TLS 1.2" are mentioned multiple times. The NST extension applies to
TLS 1.0 and 1.1 as well. We may want to mention TLS 1.0/1.1 as well.
Maybe, we can just copy the "Specification" section in the CSR as the
release note.
Thanks,
Xuelei
On 7/8/2019 8:01 AM, Sean Mullan wrote:
Fixed a couple of typos. Although it says "This feature is enabled by
default.", I think you should also say what the default values of the
2 properties are, just to make it clear how it is enabled by default.
Looks good otherwise.
--Sean
On 7/2/19 5:43 PM, Anthony Scarpino wrote:
Hi,
I needs a release note review of the Stateless Resumption work
https://bugs.openjdk.java.net/browse/JDK-8227105
thanks
Tony
