Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8134497

Add TLS support for RFC 5077 Session Ticket

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 8u51
    • Fix Version/s: 13
    • Component/s: security-libs
    • Labels:

      Description

      A DESCRIPTION OF THE REQUEST :
      Currently it is not possible to speed up SSL handshake negotiations using the TLS session ticket extension.

      http://tools.ietf.org/html/rfc5077

      There is no way of controlling the handshake to implement this manually or requesting session tickets be used as a client or server.

      JUSTIFICATION :
      Huge speed improvements and reduced CPU usage.

      https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/

      Any application that handles multiple connections will see a large performance improvement as the most expensive part of the handshake is skipped.



      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Allow SSLSocket objects to have the ability to implement session tickets or allow access to add TLS extensions to the handshake.
      ACTUAL -
      Its impossible to implement session tickets with the current library.

      CUSTOMER SUBMITTED WORKAROUND :
      Opening sockets with OpenSSL instead of using the java ssl library.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ascarpino Anthony Scarpino
                Reporter:
                webbuggrp Webbug Group
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: