Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8134497

Add TLS support for RFC 5077 Session Ticket

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Duplicate
    • P3
    • 13
    • 8u51
    • security-libs

    Description

      A DESCRIPTION OF THE REQUEST :
      Currently it is not possible to speed up SSL handshake negotiations using the TLS session ticket extension.

      http://tools.ietf.org/html/rfc5077

      There is no way of controlling the handshake to implement this manually or requesting session tickets be used as a client or server.

      JUSTIFICATION :
      Huge speed improvements and reduced CPU usage.

      https://blog.cloudflare.com/tls-session-resumption-full-speed-and-secure/

      Any application that handles multiple connections will see a large performance improvement as the most expensive part of the handshake is skipped.



      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Allow SSLSocket objects to have the ability to implement session tickets or allow access to add TLS extensions to the handshake.
      ACTUAL -
      Its impossible to implement session tickets with the current library.

      CUSTOMER SUBMITTED WORKAROUND :
      Opening sockets with OpenSSL instead of using the java ssl library.

      Attachments

        Issue Links

          Activity

            People

              ascarpino Anthony Scarpino
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: