Use of OpenSSL as JCE security provider if available on system
Simone Bordet
simone.bordet at gmail.com
Thu Mar 21 15:42:25 UTC 2019
Hi,
On Thu, Mar 21, 2019 at 3:43 PM Sean Mullan <sean.mullan at oracle.com> wrote:
> But, if we want to explore this further, I think it first makes sense to
> take a step back and focus more on what benefits an OpenSSL provider or
> "native bridge" would provide.
Benchmarked 3x-10x performance improvements.
https://nbsoftsolutions.com/blog/dropwizard-1-3-upcoming-tls-improvements
I guess the memory allocation/footprint has similar improvements, with
the JDK insisting at requiring ~17 KiB buffers to read HTTP requests
in the order of <1 KiB.
--
Simone Bordet
---
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless. Victoria Livschitz
More information about the security-dev
mailing list