Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4885061

JSSE does not renegotate after hitting 2^64-1 sequenced packets.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P3
    • 7
    • 5.0
    • security-libs
    • None

    Description


      According to Eric Rescorla (TLS 1.1 spec lead), SSL/TLS implementations
      must renegotiate before reaching 2^64-1 packets. We currently roll
      over to 0.

      Yes, this is for *REALLY* long lived processes, but Jessie's Fast TCP got me
      thinking about it. Eric will be adding a clarification to the TLS 1.1
      spec.

      ###@###.### 2003-06-27

      Attachments

        Issue Links

          duplicates

          Enhancement - null JDK-4873188 Support TLS 1.1

          • P3 - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-7166487 checkSequenceNumber method never called within readRecord of SSLEngineImpl

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              xuelei Xuelei Fan
              wetmore Bradford Wetmore
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: