Shibboleth Developers

[Kaspar Brand <>]

> I had tested with jdk 1.6.0u6. The latest 1.6.0u12 works fine.

Ok, then it's this bug here (from
http://java.sun.com/javase/6/webnotes/6u12.html):

> 6728126       jsse    runtime         Parsing Extensions in Client Hello 
> message is done in a wrong way 

The bug is not public, but OpenJDK is, fortunately enough ;-)

http://hg.openjdk.java.net/jdk7/tl/jdk/rev/16efbe49c725

(Previously JSSE was stumbling over an empty TLS ticket extension - but
the latter is perfectly legal according to RFC 4507/5077, when
negotiating a new TLS session.)

Kaspar