The current JSSE javax.net.ssl.SSLSocket API is based on the
java.net.Socket model, which by nature uses a blocking API model. The
introduction of java.nio.channels API (JSR-51) brought a selectable,
non-blocking I/O model to J2SE, but was not based on Sockets. Developers
have requested a non-blocking SSL/TLS implementation that could be
applied to such diverse I/O abstractions, such as:

     Socket-Input/OutputStream
     non-blocking I/O (polling) (e.g. SocketChannel-nonblocking)
     selectable non-blocking I/O, (e.g. SocketChannel-Selectors)
     other asynchronous I/O models (e.g. the proposed JSR 203)
     local ByteBuffers/byte arrays

A new abstraction called SSLEngine is introduced which separates the
SSL/TLS functionality from the I/O. The SSLEngine operates simply on
inbound and outbound byte streams, and it is the responsibility of the
SSLEngine user to arrange for reliable I/O transport to the peer. By
separating the SSL/TLS abstraction from the I/O transport mechanism, the
SSLEngine can be used with a wide variety of I/O types.