Return-Path: <dev-return-174753-archive-asf-public=cust-asf.ponee.io@tomcat.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id E7591200B0F
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri, 17 Jun 2016 13:13:02 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id E5E52160A61; Fri, 17 Jun 2016 11:13:02 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 3912F160A50
	for <archive-asf-public@cust-asf.ponee.io>; Fri, 17 Jun 2016 13:13:02 +0200 (CEST)
Received: (qmail 12399 invoked by uid 500); 17 Jun 2016 11:13:01 -0000
Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@tomcat.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@tomcat.apache.org>
List-Post: <mailto:dev@tomcat.apache.org>
List-Id: <dev.tomcat.apache.org>
Reply-To: "Tomcat Developers List" <dev@tomcat.apache.org>
Delivered-To: mailing list dev@tomcat.apache.org
Received: (qmail 12388 invoked by uid 99); 17 Jun 2016 11:13:01 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 Jun 2016 11:13:01 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id C7ACF1A10BE
	for <dev@tomcat.apache.org>; Fri, 17 Jun 2016 11:13:00 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 0.713
X-Spam-Level: 
X-Spam-Status: No, score=0.713 tagged_above=-999 required=6.31
	tests=[KAM_LAZY_DOMAIN_SECURITY=1, NO_RDNS_DOTCOM_HELO=0.433,
	RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01] autolearn=disabled
Received: from mx2-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id bo6gd2eaa9lB for <dev@tomcat.apache.org>;
	Fri, 17 Jun 2016 11:12:56 +0000 (UTC)
Received: from vms173019pub.verizon.net (vms173019pub.verizon.net [206.46.173.19])
	by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS id 96A6E5FAD6
	for <dev@tomcat.apache.org>; Fri, 17 Jun 2016 11:12:56 +0000 (UTC)
Received: from vz-proxy-l004.mx.aol.com ([64.236.82.151])
 by vms173019.mailsrvcs.net
 (Oracle Communications Messaging Server 7.0.5.32.0 64bit (built Jul 16 2014))
 with ESMTPA id <0O8W00J1KXT4KS70@vms173019.mailsrvcs.net> for
 dev@tomcat.apache.org; Fri, 17 Jun 2016 06:12:41 -0500 (CDT)
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=WpDWSorv c=1 sm=1 tr=0	a=eaPqxu9IKnv3tbb7QsXVMw==:117
 a=pD_ry4oyNxEA:10 a=13zjGPudsaEWiJwPRgMA:9	a=WbPmnYzAfxEA:10 a=mV9VRH-2AAAA:8
 a=m94T37Jm0M1C5JJGCNwA:9	a=QEXdDO2ut3YA:10 a=_aRuhnSpyg2P66ajBj8A:9
Received: by 71.127.40.115 with SMTP id 5ba65fcc; Fri, 17 Jun 2016 11:12:40 GMT
Subject: Re: Avoid use of SecureRandom during server startup
To: Tomcat Developers List <dev@tomcat.apache.org>
References: 
 <CAGm2hp66QpJO_EN7tDHsE5J-DNt8K1GtdvznmL4ffHHJ=Xg5tg@mail.gmail.com>
 <CANwj8Zq-tuJ0MaYS_XpRoX2VtHN-kZ492r9o8fx61sFYEmqTYQ@mail.gmail.com>
 <CAGm2hp5ScfQZjjJQ=0s=1xdA4rGOSftA1ej26Xk=vrkQhWSzcQ@mail.gmail.com>
 <CANwj8Zr2nEV8csLkF+odg2wxG3JfiGE1Mr-y4WHHQyR2AK-AKQ@mail.gmail.com>
From: Christopher Schultz <chris@christopherschultz.net>
Message-id: <6b0e5f07-b43a-673d-5005-2f286016df1d@christopherschultz.net>
Date: Fri, 17 Jun 2016 07:12:39 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0)
 Gecko/20100101 Thunderbird/45.1.1
MIME-version: 1.0
In-reply-to: 
 <CANwj8Zr2nEV8csLkF+odg2wxG3JfiGE1Mr-y4WHHQyR2AK-AKQ@mail.gmail.com>
Content-type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary=FKdbrxs12g4jtiBVQ4TvdbTF8LlEkcNLR
archived-at: Fri, 17 Jun 2016 11:13:03 -0000

--FKdbrxs12g4jtiBVQ4TvdbTF8LlEkcNLR
Content-Type: multipart/mixed; boundary="Tnjli5S9caEB1Qksi2C3SDXPLx4NkmGKQ"
From: Christopher Schultz <chris@christopherschultz.net>
To: Tomcat Developers List <dev@tomcat.apache.org>
Message-ID: <6b0e5f07-b43a-673d-5005-2f286016df1d@christopherschultz.net>
Subject: Re: Avoid use of SecureRandom during server startup
References: <CAGm2hp66QpJO_EN7tDHsE5J-DNt8K1GtdvznmL4ffHHJ=Xg5tg@mail.gmail.com>
 <CANwj8Zq-tuJ0MaYS_XpRoX2VtHN-kZ492r9o8fx61sFYEmqTYQ@mail.gmail.com>
 <CAGm2hp5ScfQZjjJQ=0s=1xdA4rGOSftA1ej26Xk=vrkQhWSzcQ@mail.gmail.com>
 <CANwj8Zr2nEV8csLkF+odg2wxG3JfiGE1Mr-y4WHHQyR2AK-AKQ@mail.gmail.com>
In-Reply-To: <CANwj8Zr2nEV8csLkF+odg2wxG3JfiGE1Mr-y4WHHQyR2AK-AKQ@mail.gmail.com>

--Tnjli5S9caEB1Qksi2C3SDXPLx4NkmGKQ
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

R=C3=A9my,

On 6/16/16 5:52 AM, R=C3=A9my Maucherat wrote:
> 2016-06-16 11:25 GMT+02:00 Andy Wilkinson <awilkinson@pivotal.io>:
>=20
>> On Thu, Jun 16, 2016 at 10:21 AM, R=C3=A9my Maucherat <remm@apache.org=
> wrote:
>>
>>> -1, I am against fake improvements.
>>>
>>
>> Do you consider the improvement for applications that do not use HTTP
>> sessions at all to also be fake?
>>
> This does not sound very realistic or common to me.

50% of our applications deployments are cookie-less, and we deploy on
separate Tomcats running on separate JVMs. That means that we have 50%
of our Tomcat instances that will never create an instance of
javax.servlet.http.HttpSession.

If SecureRandom is only being used for HttpSession id generation, it's
not necessary to do it on startup.

> There are different products, with different behaviors, that gives
> users a choice. Tomcat's strategy avoids any risk to delay user
> requests, so is not effectively worse than the other strategy.

I disagree: Tomcat's behavior will cause time-to-first-byte after a
restart to be the same as e.g. Untertow for a request-with-a-session,
but the time-to-first-byte for Untertow will be significantly less for a
request that does not require a session.

> You're basically asking for all products to behave the same because
> it would be nicer for your own product. That's fine, but choice is
> good.

No, that's not what he's saying at all.

Lazy Random-init sounds like a good idea. It's not clear to me if there
are any particular problems with such a strategy given Tomcat's current
implementation.


--Tnjli5S9caEB1Qksi2C3SDXPLx4NkmGKQ--

--FKdbrxs12g4jtiBVQ4TvdbTF8LlEkcNLR
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXY9soAAoJEBzwKT+lPKRYYqAQAI0lScuSicyf4XVxoENmtaZC
UjSdAHAlvT76VL6CzEqVYrH/MQKTF5oc/m3S2e5yc/m0uNTX096i75ss+GHoAMsu
FenztqS9u8LL/yCHZ+XJ470GETSZPqT/crtmLQxNZMQDPoG4wzNOoqC7spVZrKk5
MIERTbQzKZcf6MbnmHm+Prt7BCHX+aHv8vx5rlV34HNTEWrWQI6ywYupDGy039kP
Omz0oPJgF9wzktTkxrMRrsrwXk9lF5prd77RL521CpS0dsjoz1+T529fqoGbCJ5T
HK6n9xUMg582vd/cnpbRT+SiEPwK3pOgbCKW1xnxu9L/aGbsX0NPEH5yfSAIqrXH
eua+9vg0NLcCUzI2/i68ZxZv6C01QNEsg9uzoIyOOaj4Bo2RG/vmx88yabJQ0uHQ
HQlncUFnE9+6bFhYONc1TkBUIiN4oCBN6oHrdbsVEphJe/pBkdc3UTrsA9IMmu0/
dxH90ols1E30Uy0vYTafoqC24ifJywV/kwAHDGxfdh8lsYO4d8TuGmdKslf+c50p
Ya2z/83vYhrhFl4e+Oa68nxc7K+CxXEAOPLUqHIFOB0FdUEL11xz9lOK3rUOaG3l
XHDk+8UygCIpNJxt4KGefYsy2b7TB7e+8u4Fo3B2YdK5mN6u5rFpogmBO3Y+IUHX
2VtH+SvIcraBNab7f2uG
=UPJf
-----END PGP SIGNATURE-----

--FKdbrxs12g4jtiBVQ4TvdbTF8LlEkcNLR--