[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] Does Jetty support the function of export keying material for TLS defined in RFC5705?
|
Hi,
On Fri, Apr 1, 2022 at 11:45 AM Xia Bing <bing_xia518@xxxxxxxxxxx> wrote:
>
> Hi, Jetty team,
>
> Could anyone help to clarify the this question:
> After setting up the HTTP2/TLS session by Jetty HTTP2 client, can upper application gets the exported keying material for TLS defined in RFC5705 by some APIs provided by Jetty?
> Looking forward to the reply!
This functionality should be provided by the TLS implementation, and
Jetty can only forward what the TLS implementation provides.
Unfortunately, I don't think the OpenJDK implementation provides EKM,
see https://bugs.openjdk.java.net/browse/JDK-8201287.
If you find otherwise about OpenJDK, let us know.
If you find a way to use EKM with BouncyCastle, let us know how you did it.
--
Simone Bordet
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless. Victoria Livschitz
