public final class ConfidentialityStrength extends Object implements InvocationConstraint, Serializable
The use of an instance of this constraint does not directly imply a Confidentiality.YES
constraint; that must be specified separately to ensure
that confidentiality is actually ensured.
Serialization for this class is guaranteed to produce instances that are
comparable with ==
. For future security, this may be converted
to an enum, which is a breaking change, in order to honor the preceding statement.
This constraint is supported by the endpoints defined in this package.
The SslTrustVerifier
trust verifier may be used for establishing
trust in remote proxies that use instances of this class.
SslEndpoint
,
SslServerEndpoint
,
HttpsEndpoint
,
HttpsServerEndpoint
,
SslTrustVerifier
,
Serialized FormModifier and Type | Field and Description |
---|---|
static ConfidentialityStrength |
STRONG
RFC 7525 Current best practice, if confidentiality of message contents
is ensured, then use strong confidentiality for message contents.
|
static ConfidentialityStrength |
WEAK
If confidentiality of message contents is ensured, then use weak
confidentiality for message contents.
|
Constructor and Description |
---|
ConfidentialityStrength(AtomicSerial.GetArg arg) |
public static final ConfidentialityStrength STRONG
STRONG confidentiality isn't possible, unless both client and server are authenticated.
Guidance:
public static final ConfidentialityStrength WEAK
All protocols allowed by WEAK are known to be vulnerable to attack.
Note that in all previous versions of Apache River and Jini, that the following protocols are considered STRONG.
For the endpoints in this package, this constraint is supported by cipher suites with the following cipher algorithms:
public ConfidentialityStrength(AtomicSerial.GetArg arg) throws IOException
IOException
Copyright © 2016–2018. All rights reserved.