> The TLS protocols are designed to tolerant unknown TLS extensions. However, > although it is not common, there are a few TLS implementations that cannot > handle unknown extensions properly. As results in unexpected interoperability > issue when new extensions are introduced in JDK. The interoperability impact > could be mitigated If applications can customize the extensions if needed. > > With this update, two system properties are added to configure the default > extensions in either client or server side of TLS connections. Please note > that the impact of blocking TLS extensions is complicated. For example, a > TLS connection may not be able to established if a mandatory extension is > blocked. Please don't use this feature unless you clearly understand the > impact. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8217633 > CSR: https://bugs.openjdk.java.net/browse/JDK-8217993
Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision: Update copyright years to 2021 ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/1752/files - new: https://git.openjdk.java.net/jdk/pull/1752/files/ad5f3330..5bd6e865 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=1752&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=1752&range=00-01 Stats: 4 lines in 2 files changed: 0 ins; 0 del; 4 mod Patch: https://git.openjdk.java.net/jdk/pull/1752.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/1752/head:pull/1752 PR: https://git.openjdk.java.net/jdk/pull/1752