JSSE patches for HonorCipherOrder and preventing client-initiated renegotiations
neale at metawerx.net
Fri Mar 23 23:19:23 PDT 2012
Just joined the list, nice to meet you.
I have developed two changes for JSSE which add the ability to use an HonorCipherOrder feature (an option in openssl) and to prevent client-initiated renegotiations (like openssl does now by default).
These work fine in my local tests and on the ssllabs test.
I've submitted patches for Tomcat before, but I'm new to contributing to openjdk. Therefore, I am interested in teaming up with 1 or more other developers to sponsor me, offer relevant advice, review these patches and develop the corresponding unit tests.
If you would like to team up on these two, please contact me.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the security-dev