[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-dev] NextProtoNego and OSGi
|
Hi,
On Sat, Jan 26, 2013 at 9:10 AM, Gunnar Wagenknecht
<gunnar@xxxxxxxxxxxxxxx> wrote:
> So our own TLS implementation is done using a custom
> SSLSocketFacktory/SSLServerSocketFactory. It creates the sockets/channels
> that you use and provide you with the necessary details and the decrypted
> bytes. No low-level dealing with the SSLEngine is necessary at all for
> proper NIO.
Sorry, not following, can you expand ?
Did you rewrite the SSL implementation on your own ?
Otherwise I don't see how you can plug in NPN.
How do you implement non-blocking writes if you use sockets and streams ?
> The benefits of this stack is that it allows us to speak to the German
> passport which requires some extensions/features that aren't available in
> the JRE implementation. Additionally, the implementation is very light
> compared to the JRE implementation in terms of object creation, etc. Thus,
> it also runs nicely on Android. We also have NPN.
So you have rewritten the SSL parsing/generation and all that ?
If so, what guarantee do you have that it is secure and does not
contain security exploits ?
Thanks !
--
Simone Bordet
----
http://cometd.org
http://webtide.com
http://intalio.com
Developer advice, training, services and support
from the Jetty & CometD experts.
Intalio, the modern way to build business applications.
