Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8229149

SSLSession.getId() always returns the TLS record session id

    Details

    • Type: Bug
    • Status: Open
    • Priority: P3
    • Resolution: Unresolved
    • Affects Version/s: 13, 14
    • Fix Version/s: tbd
    • Component/s: security-libs
    • Labels:
      None

      Description


      SSLSession.getID() will return the current TLS record session id when using stateless resumption. For TLS 1.2 using stateless, this maybe more of an issue as resumption has always used the previous session ID. However, if the client resumes with the previous session ID, the server reply with that ID. This may change to be consistent a future release.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ascarpino Anthony Scarpino
                Reporter:
                ascarpino Anthony Scarpino
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: