RFR: 8254711: Add java.security.Provider.getService JFR Event

Sean Coffey coffeys at openjdk.org
Mon Sep 19 15:48:55 UTC 2022


On Wed, 27 Jul 2022 13:14:39 GMT, Sean Coffey <coffeys at openjdk.org> wrote:

> Add a JFR Event for `java.security.Provider.getService(String type, String algorithm)` calls.

> 

This new event is disabled by default just like the other crypto related events that were added some time back (e.g. `TLSHandshakeEvent`). My assumption is that these events will be enabled for audit mode when one is interested in finding out what their crypto operations looks like. Periodic events are good but for such operations I think it's critical that we capture all such crypto calls to ensure that admins get a good picture of what's been used/called. 

Perhaps we can have a discussion about whether such JDK events should be on by default and work the issue via another JBS issue. `jdk.Deserialization` is another example of a JDK level event that's off by default.

-------------

PR: https://git.openjdk.org/jdk/pull/9657


More information about the security-dev mailing list