RFR: 8209992: Align SSLSocket and SSLEngine Javadocs
Bradford Wetmore
wetmore at openjdk.org
Fri Jul 25 20:15:53 UTC 2025
On Fri, 25 Jul 2025 16:27:42 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
> Add a javadoc paragraph to SSLSocket.startHandshake() and SSLEngine.beginHandshake() methods explaining behavioral differences between TLSv1.3+ and TLSv1.2- versions.
The renegotiation wording should probably updated in both the SSLSocket/SSLEngine section. As was pointed out, TLSv1.3 is not a full renegotiation.
You could soften some of the wording with something like (needs wordsmithing):
The behavior of this method is protocol- and possibly implementation- dependent: For
example, in TLSv1.2 and earlier could do X, and in TLSv1.3 calling this method would do
Y.
I think the submitter was also asking for a similar layout/wording between the two, while highlighting the differences where needed. This would make the learning curve a bit smaller.
This probably will need a CSR.
-------------
PR Review: https://git.openjdk.org/jdk/pull/26484#pullrequestreview-3056681817
More information about the security-dev
mailing list