RFR: 8314323: Implement JEP 527: TLS 1.3 Hybrid Key Exchange [v9]
Bradford Wetmore
wetmore at openjdk.org
Mon Dec 1 21:58:55 UTC 2025
On Mon, 1 Dec 2025 15:58:23 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> One other nit, currently the `Params` class doesn't actually handle `DH`, just `ECDH`/`XDH`. Should you remove `DH` from the `DH/ECDH/XDH` javadoc?
>
> Also, if it is only used by JSSE, I think it should be in the `sun.security.ssl` package.
We did include the internal `Tls*` implementations Sun in the `SunJCE` provider, but those were actually exposed/available as `KeyGenerator`s. I was never a fan, but it is what it is.
`sun.security.ssl` is a better fit for this and `Hybrid.java`, especially since these are strictly internal implementations for now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2578818202
More information about the security-dev
mailing list