Code review request, 7188658 Add possibility to disable client initiated renegotiation (original) (raw)
Xuelei Fan xuelei.fan at oracle.com
Fri Jun 28 00:39:28 UTC 2013
- Previous message (by thread): Code review request, 7188658 Add possibility to disable client initiated renegotiation
- Next message (by thread): hg: jdk8/tl/jdk: 8016251: Balanced spliterator for SpinedBuffer
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 6/28/2013 8:16 AM, Brad Wetmore wrote:
Rearranging and tweaking a bit. What do you think of:
--- Reject client initiated renegotiation? If server side should reject client-initiated renegotiation, send an alerthandshakefailure fatal alert, not a norenegotiation warning alert (norenegotiation must be a warning: RFC 2246). norenegotiation might seem more natural at first, but warnings are not appropriate because the sending party does not know how the receiving party will behave. This state must be treated as a fatal server condition. This will not have any impact on server initiated renegotiation. --- Looks nice to me.
Xuelei
Brad
On 6/27/2013 4:51 PM, Xuelei Fan wrote: On 6/28/2013 6:44 AM, Brad Wetmore wrote: continued, I forgot this next part.
ServerHandshaker.java ===================== 283: My initial thought was a norenegotiation(100) warning, but that allows the client to decide what to do, rather than the server terminating.
No, we cannot. First of all, warning message is not very useful because in general the sending party cannot know how the receiving party behave. Secondly, it is the expected behavior to *reject" client initiated renegotiation. It is the server who should make the decision, but not the client. Exactly. This TLS logic decision is not straightforward, so this needs commenting. And the above is what I wanted to see in the comments. That is, why we don't send a norenegotiation warning alert. It's a subtle but important enough point that should be documented. I think we should open a separate bug to handle this. Just a couple of lines are needed. What do you think these words: "Please don't send a norenegotiation warning alert. Warning message is not very useful because in general the sending party cannot know how the receiving party behave. The server side need to reject client initiated renegotiation proactively." Thanks, Xuelei
- Previous message (by thread): Code review request, 7188658 Add possibility to disable client initiated renegotiation
- Next message (by thread): hg: jdk8/tl/jdk: 8016251: Balanced spliterator for SpinedBuffer
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]