On 14/11/2019 02:05, Bradford Wetmore wrote: > Xuelei/Valerie (+ any other codereviewers), > > As announced on jdk8u-dev[1], there is a Maintenance Release in progress > for Java SE 8 (i.e. JSR 337) [2] to include two security features > important for TLS 1.3: > > 1. Application-Layer Protocol Negotiation (ALPN) [3][4] > 2. RSA Signature Scheme with Appendix: Probabilistic Signature Scheme > (RSASSA-PSS) [5][6] > > The Enhancement and CSR IDs are footnoted above/below. > > To ensure compatibility across the active Java releases, we are > backporting the APIs introduced in Java SE 9 and 11 respectively to Java > SE 8. > > This email is a Request For Review (RFR) of the two major pieces for > this MR: > > 1. ALPN: > http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/ALPN > > 2. RSASSA-PSS: > http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/PSS > > This includes the updates to the Specification and Reference > Implementation (RI), which will be called JDK 8u41 [7]. > > Almost all of these changes are direct copies of the changesets applied > in JDK 9+. > > In addition to these features: > > 1. The file ADDITIONAL_LICENSE_INFO was added, which is identical to > the same file in later releases. > > 2. Truncated MessageDigests (i.e. SHA-512/224, SHA-512/256) were added > to the SUN Provider to support the corresponding truncated RSASSA-PSS > Signatures. > > Thanks, > > Brad > > [1] > https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010573.html > [2] https://www.jcp.org/en/jsr/detail?id=337 > [3] https://bugs.openjdk.java.net/browse/JDK-8230977 > [4] https://bugs.openjdk.java.net/browse/JDK-8233417 > [5] https://bugs.openjdk.java.net/browse/JDK-8230978 > [6] https://bugs.openjdk.java.net/browse/JDK-8233418 > [7] http://hg.openjdk.java.net/jdk8u/jdk8u41/ >
It's not clear which bug IDs these two webrevs apply to. Note that changes for OpenJDK 8u require approval using the jdk8u-fix-request label, as described at https://wiki.openjdk.java.net/display/jdk8u/Main. Thanks, -- Andrew :) Senior Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net) Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222 https://keybase.io/gnu_andrew
signature.asc
Description: OpenPGP digital signature