I’ve just checked in another huge chunk of code (and after only three days! It’s astounding how productive I am right now) that implements client-side handshaking and adds support for the legacy blocking-IO API. I’ve also done the necessary step of moving the long-running code from the server handshake into delegated tasks, which are run in helper threads, to avoid blocking the main IO thread. This essentially means that all the pieces comprising this project are in place, and that all that remains is to fix up the rough edges and to polish it up. In other words, I’ve gotten to nearly the 90% mark in a week and a half.
But, right now, HTTPS client connections using the URLConnection work again. The only issue right now is that I can’t connect to https://www.google.com/, because their SSL server is returning an error to me! But other HTTPS servers I’ve tried work fine.
Other things I’d like to work on before the summer is over:
- Support for pre-shared key ciphersuites (PSK), described in RFC 4279.
- Support for OpenPGP certificates; still only a draft, but GNUTLS supports these. There are a few free Java OpenPGP versions I could use, but I think the best way may be to write a wrapper for GnuPG.
- Support for secure remote password (SRP) ciphersuites. Also just a draft, but Classpath already has support for SRP built-in. Again, GNUTLS supports these already.
- Kerberos support, from RFC 2712.
- Elliptic curve cryptography cipher suites, from RFC 4492.
