Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8229148

SSLSession.invalidate() should not be implicitly required

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • P3
    • Resolution: Won't Fix
    • 13, 14
    • None
    • security-libs
    • None

    Description

      Stateless tickets are not invalidated when the SSLSession.invalidate() method is called. Since the server keeps no state, there is no state to invalidate. This may change in a future update or release to keep a small cache tickets

      Attachments

        Issue Links

          csr for

          CSR - null JDK-8243678 SSLSession.invalidate() should not be implicitly required

          • P3 - Major loss of function.
          • Closed
          relates to

          Enhancement - null JDK-8211018 Session Resumption without Server-Side State

          • P3 - Major loss of function.
          • Resolved

          JEP - Java Enhancement Proposal JDK-8245551 Distributed TLS Sessions

          • P2 - Crashes, loss of data, severe memory leak.
          • Draft

          Activity

            People

              ascarpino Anthony Scarpino
              ascarpino Anthony Scarpino
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: