JDK-4892889 : Select pieces from RFC 3546/4366, especially buffer sizes
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 5.0
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2003-07-18
  • Updated: 2011-02-03
  • Resolved: 2011-02-03
Related Reports
Duplicate :  
JDK-6654414 - Support TLS extensions
Relates :  
JDK-6581437 - SSLEngine wastes over 32K per instance
Description
RFC 3546 has a number of new features, and we should consider them.  The
maximum fragment length is obvious.

suggested API in SSLEngine/SSLSocket

public int getPreferredBufferSize()
public void setPreferredBufferSize(int size)
When negotiating, implementation will try to negotiate a buffer size
of no larger than size bytes.  A value too small will be rounded up to 
the minimum supported buffer size.

From RFC, the currently supported numbers are, 2^14 and 2^x  x<=9<=12,
but we don't need to put that into the API.
 
So for example:

		x=2^16 would round down to 2^14
2^14
		x=10k would round down to 2^12 (4096)
2^12
...
2^9
		x=5 would round up to 2^9

This value will need to reflected in the SSLSession, when the SSLEngine changes
go in.

###@###.### 2003-07-18

This value should be set to the standard TLS/SSL size by default.
Comments
EVALUATION Will address the issue within CR 6654414. Close this CR as duplicate of CR 6654414.
03-02-2011
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: mustang
02-09-2004
EVALUATION Consider for tiger, but may need to wait for the next release. ###@###.### 2003-09-03 We implemented the SSLEngine buffer sizes in SSLSession, but didn't do anything beyond that in tiger. ###@###.### 2003-12-12
03-09-2003