jdn@eng writes:

One thing I noticed is that we forgot to document the new
system property javax.net.ssl.sessionCacheSize. I added this
primarily for PersonalJava. This property, if present, contains
a positive integer which is the maximum number of SSL sessions
to retain in the session cache. The default is no limit which is
consistent with previous releases. The cache references are held
using soft references when present on the platform so that the
cache is flushed when memory runs tight. Setting this property also
puts a hard upper bound on the size regardless of whether soft
references are being used in the session cache implementation.

This there is no change from previous releases on existing
platforms and the property name is unlikely to clash with any other
local property name this should not be a major issue for folks
other than PersonalJava. Even with PersonalJava, the Sun reference
implementation includes non-standard soft references which JSSE
will fallback to. It is only non-Sun PersonalJava implementations
which might really need to turn on this property.

If documenting this is easy I suppose we should do so.
Since it is low priority, we might choose to update the docs
and push the update at a later time to avoid having to change
the docs for the initial push?


bradford.wetmore@eng 2001-03-14
We also need to document sessionTimeOut. Are we going
to make it a property or an API? Whatever it is, these
should be documented together.