JDK-8229149 : SSLSession.getId() always returns the TLS record session id
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 13,14
  • Priority: P3
  • Status: Open
  • Resolution: Unresolved
  • Submitted: 2019-08-05
  • Updated: 2019-10-02
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
tbdUnresolved
Related Reports
Relates :  
Description
SSLSession.getID() will return the current TLS record session id when using stateless resumption.  For TLS 1.2 using stateless, this maybe more of an issue as resumption has always used the previous session ID. However, if the client resumes with the previous session ID, the server reply with that ID.  This may change to be consistent a future release.