-
Enhancement
-
Resolution: Fixed
-
P3
-
8, 11, 12
-
b21
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8149577 | 11.0.5-oracle | Sean Coffey | P3 | Resolved | Fixed | b01 |
| JDK-8226636 | 11.0.5 | Christoph Langer | P3 | Resolved | Fixed | b01 |
| JDK-8149578 | 8u231 | Sean Coffey | P3 | Resolved | Fixed | b01 |
| JDK-8229613 | emb-8u231 | Sean Coffey | P3 | Resolved | Fixed | b01 |
Via the introduction of JFR Crypto Events (JDK-8186986), security library code could start recording events of particular interest to the JFR recording framework (if enabled). Code using this new 'EventRuntime' API would be inserted into security library classes and could communicate directly with JFR libraries if present. If not present, we have have stub holders that simply end up logging to the System Logger as a fall back.
Examples of events to record would be :
* Certificates encountered while setting up a TLS connection
* TLS protocol version and ciphersuite used for each TLS connection attempt
* Overriding of default security properties
Once such data is recorded, there's potential for a client tool, coupled with a ruleset to analyze the new events and report back to system administrators about the overall strength of their Java applications with respect to cryptographic standards.
- backported by
-
JDK-8149577 Enhance the security libraries to record events of interest
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
- blocks
-
JMC-5561 Support for Crypto Events in JMC
-
- Open
-
- is blocked by
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
JDK-8255348 NPE in PKIXCertPathValidator event logging code
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Open
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-