RFR: 8351354: Enhance java -XshowSettings:security:tls to show enabled TLS groups and signature algorithms [v2]
Sean Mullan
mullan at openjdk.org
Fri Aug 1 15:31:00 UTC 2025
On Thu, 31 Jul 2025 12:58:21 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:
>> In this PR I added TLS groups and signature algorithms to the output of the show settings flag. The values are printed in a single column, like the cipher suites. There can be a lot of values so putting on a single line is ugly. I tried putting them in columns, but it is hard to read.
>
> Matthew Donovan has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
>
> - removed unused import, updated tools/launcher/Settings.java test
> - Merge branch 'master' into secsettings
> - 8351354: Enhance java -XshowSettings:security:tls to show enabled TLS groups and signature algorithms
Thanks for the latest screenshot. I don't think the signature algorithms should be "none". If we can't access the provider-specific defaults, then I think we should omit this information for now. @artur-oracle or @haimaychao can you check this out and see if there is a way to get those defaults? Thanks.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/24424#issuecomment-3144961133
More information about the security-dev
mailing list