Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8281236 (D)TLS key exchange named groups
  3. JDK-8291975

Release Note: (D)TLS Key Exchange Named Groups

    XMLWordPrintable

Details

    Description

      New Java SE APIs, `javax.net.ssl.SSLParameters.getNamedGroups()` and `javax.net.ssl.SSLParameters.setNamedGroups()`, have been added to allow applications to customize the named groups of key exchange algorithms used in individual TLS or DTLS connections.

      Note that the underlying provider may define the default named groups for each TLS or DTLS connection. Applications may also use the existing `jdk.tls.namedGroups` system property to customize the provider-specific default named groups. If not `null`, the named groups passed to the `setNamedGroups()` method will override the default named groups for the specified TLS or DTLS connections.

      Note that a provider may not have been updated to support the new APIs and in that case may ignore the named groups that are set. The JDK `SunJSSE` provider supports this method. It is recommended that third party providers add support for these methods when they add support for JDK 19 or later releases.

      Attachments

        Activity

          People

            xuelei Xuelei Fan
            xuelei Xuelei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: