Summary

Some additional text in the javax.net.ssl.SSLEngine and javax.net.ssl.SSLSession APIs should be removed about access control context which is no longer applicable after JEP 486 has been integrated.

Problem

The specified text no longer applies and is not implemented.

Solution

Remove the text. See Specification below for changes.

Specification

In the SSLEngine class description, this paragraph should be removed:

"Applications might choose to process delegated tasks in different threads. When an {@code SSLEngine} is created, the current {@link java.security.AccessControlContext} is saved. All future delegated tasks will be processed using this context: that is, all access control decisions will be made using the context captured at engine creation."

The following text should also be removed from the getDelegatedTask method of SSLEngine:

"Delegated tasks run in the {@code AccessControlContext} in place when this object was created."

In SSLSession, the following text should be removed from the putValue, getValue, removeValue, and getValueNames methods:

"For security reasons, the same named values may not be visible across different access control contexts."

The following text should also be removed from the name parameter of the removeValue method: "visible across different access control contexts"