A new proposal to add methods to HttpsURLConnection to access SSLSession
Xuelei Fan
xuelei.fan at oracle.com
Tue Oct 30 20:55:10 UTC 2018
Hi,
For the current HttpsURLConnection, there is not much security
parameters exposed in the public APIs. An application may need richer
information for the underlying TLS connections, for example the
negotiated TLS protocol version.
Please let me know if you have concerns to add a new method
HttpsURLConnection.getSSLSession() and deprecate the duplicated methods,
by the end of Nov. 2, 2018.
Here is the proposal:
https://bugs.openjdk.java.net/browse/JDK-8213161
Thanks,
Xuelei
More information about the security-dev
mailing list