[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-net-dev
Subject:    Re: TLS ALPN Proposal v6
From:       Xuelei Fan <xuelei.fan () oracle ! com>
Date:       2015-10-02 2:35:50
Message-ID: 560DED86.5070702 () oracle ! com
[Download RAW message or body]

On 10/2/2015 9:03 AM, Bradford Wetmore wrote:
> Major changes:
> 
> 1.  ApplicationProtocols is gone.  The H2 black list and comparator were
> moved to StandardConstants.
> 
> 2.  StandardConstants.  Strings for "h2" and "http/1.1" are back.  And
> now that you are parsing the raw network bytes, I added a convenience
> mapping between the two byte ciphersuite IANA-assigned value and the
> Java Standard Name.
> 
There is no SSLExplorer in OpenJDK. I think, maybe, the map is not
belong to OpenJDK either.

I think, the constants for HTTP2 is also belong to application protocol
(HTTP2) layer.  Application (HTTP2) implementation would take care of
them.  Maybe, they are not a part of JSSE framework either.

I would like to have "h2" and "http/1.1" defined as Standard Algorithms
Docs as we usually did for other standard constants.

> 3.  SSLParameter (set/get) are moved to SSLSocket/SSLEngine.  Even
> though these could go into SSLParameters, this change makes backporting
> much easier.  The helper code simply has to reflectively look for the
> four methods in the implementation classes, and call if they are there.
> 
> Otherwise, there would have to be reflection both in the user code
> (above) and implementation (to see if the passed SSLParameters had the
> new methods via a subclass).
But, looking forward, per JSSE framework, SSLParameters should be the
central place to define SSL/TLS configuration parameters. We'd better
follow the conventions so that application developers won't get confused
about where SSL/TLS parameters should be configured.

Maybe, we cannot add public APIs for backporting. I think backporting is
another history, and would better not impact too much of the design for
JDK 9 and future releases.

Hope it helps!

Xuelei
[prev in list] [next in list] [prev in thread] [next in thread]