PEM KeyStore Implementation

2023-09-01 Thread Karl Scheibelhofer
Hi, Working with Java and the JCA KeyStore for decades, I came across many situations where I thought it would be convenient to be able to load private keys and certificates in PEM format directly using the KeyStore API. Without the need to convert them to PKCS#12/JKS. You can find my implementat

Re: Modification of Client hello TLS packet

2023-09-01 Thread Bernd
You would need to publish your code so that somebody can debug it. Greetings Bernd -- http://bernd.eckenfels.net From: Filip Petr. Sent: Friday, September 1, 2023 6:02 PM To: security-dev@openjdk.org ; e...@zusammenkunft.net Subject: Re: Modification of Client hello

Re: RFD: Services lockdown for security providers

2023-09-01 Thread Martin Balao
Hi Sean, Thanks for clarifying your idea. I understand your motivation and share your concerns. I can think of how this application-specific knowledge can turn into a library-specific one in real scenarios, which may open the door for undesired dependencies. I also agree with being wary about doin

Re: Modification of Client hello TLS packet

2023-09-01 Thread Filip Petr.
This extension is my custom. It's the same extension that Google Chrome added (https://datatracker.ietf.org/doc/html/rfc8701). You can check this extension on your Chrome browser using the following URL https://tls.peet.ws/api/tls I don't understand why this is an issue for my Java program? I che

RFR: 8315487: Security Providers Filter

2023-09-01 Thread Martin Balao
In addition to the goals, scope, motivation, specification and requirement notes in [JDK-8315487](https://bugs.openjdk.org/browse/JDK-8315487), we would like to describe the most relevant decisions taken during the implementation of this enhancement. These notes are organized by feature, may enc

Re: Modification of Client hello TLS packet

2023-09-01 Thread Bernd
Need to correct myself, there is no alert from the server in the trace, but this exception: javax.net.ssl|ERROR|81|HttpClient-1-Worker-0|2023-09-01 10:33:57.441 CEST|TransportContext.java:370|Fatal (DECODE_ERROR): Invalid TLS_GREASE extension data: not empty ( "throwable" :

Re: Modification of Client hello TLS packet

2023-09-01 Thread Bernd
If it's an alert from the server it's not your Java program which "spots the unusual extension". It's more like your custom extensions sent are not correct to the server's interpretation. Did you maybe hardcode signatures or such? Regards Bernd -- http://bernd.eckenfels.net

Re: Modification of Client hello TLS packet

2023-09-01 Thread Filip Petr.
The alerts I'm getting are coming from some random web server I'm hitting and I don't know its architecture. In these error traces I'm submitting it's www.google.com but it happens for every other domain I'm trying to hit. It seems that my Java app and my client side program is glitching as it's spot