jsr369-experts@servlet-spec.java.net

[jsr369-experts] Re: [servlet-spec users] Re: Question about TLS 1.2 Application-Layer Protocol Negotiation Extension

From: Greg Wilkins <gregw_at_intalio.com>
Date: Tue, 9 Dec 2014 14:09:21 +0100

Jetty has developed an ALPN extension for openjdk which I think several
other servers have picked up.

We have corresponded with the openJDK developers and made the impl
available... but they have indicated that they wish to take a different
approach, which may be more generic and aimed at arbitrary TLS extensions
(CDI etc.).

So our current expectation is that the resulting standard ALPN support is
going to look entirely different to what many of us are currently using.
This is probably going to result in a significant discontinuity in support
going from java8 to java9.

I'm not sure what we can do at this stage to avoid that. Perhaps we can
push the java developers to reveal their API sooner rather than later and
then we can morph the jetty impl into something similar.

cheers


On 9 December 2014 at 13:42, Mark Thomas <markt_at_apache.org> wrote:

> On 08/12/2014 20:44, Edward Burns wrote:
> >>>>>> On Thu, 27 Nov 2014 13:49:03 +0900, Eugene Chung() <
> euigeun_chung_at_tmax.co.kr> said:
> >
> > EC> HTTP/2 requires ALPN extension(rfc7301) for HTTP/2 over TLS.
> > EC> But Servlet 4.0(Java EE 8) will be based on Java SE 8, which is
> already
> > EC> released.
> >
> > EC> Java SE 8, exactly JSSE in it, doesn't support ALPN extension.
> > EC> I have been investigating but I couldn't find the way to use ALPN in
> a
> > EC> standard fashion for container developers.
> >
> > EC> Is there any plan for this? (endorsed JSSE for Java SE 8?)
> > EC> Or any other standard mechanism that I don't know?
> >
> > My plan of record is to leave this as an implementation detail. Yes, I
> > know there is an ALPN client coming in Java SE 9, but we will be
> > sticking with Java SE 8 as our base.
>
> That is a pretty large implementation detail. Is there nothing we can do
> here in terms of requesting a back-port of the ALPN client to Java 8?
>
> It seems like a missed opportunity to require each container to figure
> out a way to make this work for them on Java 8.
>
> Mark
> 



-- 
Greg Wilkins <gregw_at_intalio.com>  @  Webtide - *an Intalio subsidiary*
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.