Re: [8u] request for review: 8062552 Support keystore type detection for JKS and PKCS12 keystores

2015-05-23 Thread Thomas Lußnig
Hi, 1) Would it not be a good idea to check the first bytes of the message so that the dual class already knows what type the stream is and there is no unnecessary instantiation of exceptions and engine class? 2) If we add a "smart" keystore why do we limit it to two types? I do not see any reason w

Re: [8u] request for review: 8062552 Support keystore type detection for JKS and PKCS12 keystores

2015-05-23 Thread Vincent Ryan
The aim of this enhancement is to address a specific compatibility risk for JKS and not to offer a general purpose mechanism for loading any keystore type. In general, the keystore type should match the keystore file format. In JDK 9 there is a new probe mechanism for keystores that is more simi

Re: TLS ALPN Proposal

2015-05-23 Thread Simone Bordet
Hi, On Sat, May 23, 2015 at 3:13 AM, Bradford Wetmore wrote: > Thanks for the thorough reviews and comments, I really appreciate it and > always learn something. FunctionalInterface (@since 1.8) is something I > haven't really explored yet, so off to the books. Just to be clear, this is what I

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Bernd Eckenfels
On Sat, 23 May 2015 08:30:26 +0800, Xuelei Fan wrote: > Please refer to the "Customizing Size of Ephemeral Diffie-Hellman > Keys" section of JSSE Reference Guide. > > http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html Thanks Xuelei, but I think this does not a

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Xuelei Fan
On 5/23/2015 9:50 PM, Bernd Eckenfels wrote: > On Sat, 23 May 2015 08:30:26 +0800, > Xuelei Fan wrote: > >> Please refer to the "Customizing Size of Ephemeral Diffie-Hellman >> Keys" section of JSSE Reference Guide. >> >> http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERe

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Bernd Eckenfels
On Sat, 23 May 2015 22:16:16 +0800, Xuelei Fan wrote: > I did not get your ideas in the previous mail. > "jdk.tls.disabledAlgorithms" is expected to work to disable weak DH > keys (for example, "DHE keySize < 768"). Can you describe your > concern more? This is exactly what I want to do. In o

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Xuelei Fan
On 5/23/2015 11:18 PM, Bernd Eckenfels wrote: > On Sat, 23 May 2015 22:16:16 +0800, > Xuelei Fan wrote: > >> I did not get your ideas in the previous mail. >> "jdk.tls.disabledAlgorithms" is expected to work to disable weak DH >> keys (for example, "DHE keySize < 768"). Can you describe your >

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Bernd Eckenfels
On Sat, 23 May 2015 17:18:07 +0200, Bernd Eckenfels wrote: > I searched the ClientHandshaker for usages of algorithmConstraints, > and it does not use it for the DHE part. It only questions > KEY_AGREEMENT for cipher suite selection. (But I am not so familiar > with the code, maybe you can point me

Re: disabledAlgorithms "DHE keySize < 1024" support?

2015-05-23 Thread Bernd Eckenfels
On Sat, 23 May 2015 17:48:25 +0200, Bernd Eckenfels wrote: > I also run some connection test In case somebody wonders, the test code is here: https://github.com/ecki/JavaCryptoTest#simple-weakdh-logjam-test-client Regards, Bernd

Re: [8u] request for review: 8062552 Support keystore type detection for JKS and PKCS12 keystores

2015-05-23 Thread Thomas Lußnig
On 23.05.2015 10:59, Vincent Ryan wrote: > The aim of this enhancement is to address a specific compatibility risk for > JKS and > not to offer a general purpose mechanism for loading any keystore type. In > general, > the keystore type should match the keystore file format. > > In JDK 9 there is

configurable DHE key size

2015-05-23 Thread Bernd Eckenfels
Hello, I need to correct a statement: On Sat, 23 May 2015 15:50:06 +0200, Bernd Eckenfels wrote: > BTW in Regards to the Server side: > > That document should mention that the parameter group is generated > randomly on first use (matching DSA restrictions). It is a good thing > there are no st