Loading...

XML

Word

Printable

Details

Type: Enhancement
Resolution: Duplicate
Priority: P3
Fix Version/s: 7
Affects Version/s: 6u2
Component/s: security-libs
Labels:
None

Subcomponent:
javax.net.ssl
CPU:

generic
OS:

generic

Description

In order to be compliant with RFC 2459, applications should implement hostname checking on SSL connections. The class HttpsURLConnection does this, for example. However, if you are using the lower-level SSLSocket, SSLServerSocket and SSLEngine classes this functionality isn't available, even though it is implemented in the underlying libraries. A mechanism should be provided to enable this existing code so that JSSE clients don't have to reinvent an existing wheel.

Suggestion: make this flag part of the SSLParameters class and implement RFE 6586274

Attachments

Issue Links

duplicates

JDK-6586258 X509ExtendedTrustManager is in the wrong namespace

Closed

relates to

JDK-6586274 SSLSocketFactory and SSLServerSocketFactory can't be configured

Closed

JDK-6766775 X509 certificate hostname checking is broken in JDK1.6.0_10

Resolved

JDK-6586284 X509KeyManager and X509TrustManager need pre-keystore access callbacks

Closed

Activity

People

Assignee:: Xuelei Fan

Reporter:: Alan Burlison

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2007-07-27 07:01

Updated:: 2010-09-29 15:15

Resolved:: 2009-07-13 07:50

Imported:: 16/Sep/12 8:16 PM

Indexed:: 18/Jul/12 2:41 PM