Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8287716

Wrong implementation RFC 2560 in OCSP.java

    XMLWordPrintable

Details

    Description

      ADDITIONAL SYSTEM INFORMATION :
      All OS - All system - Since Java 17

      A DESCRIPTION OF THE PROBLEM :
      Since jdk17 you implements the section A.1.1 from the RFC 2560. The RFC A.1.1 describe the request section as : To enable HTTP caching, small requests (that after encoding are less than 255 bytes), MAY be submitted using GET. - So it's a recommendation not obligation. But in the package java.base sun.security.provider.certpath.OCSP.java in the method getOCSPBytes line 225, the call to the GET is automatic if the request length after encoding is under or equal 255 bytes.
      There is no possibility to use the POST request method if the request length is under or equal 255 bytes. So :
      1: Put a flag to use POST method no matter the length of the request after encoding to respect the RFC 2560 section A.1.1.
      2: For GET verb, put the condition to strictly test under 255 bytes not under or equal.
      Thank you.


      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: