RFR: 8314323: Implement JEP 527: TLS 1.3 Hybrid Key Exchange [v5]
Artur Barashev
abarashev at openjdk.org
Tue Oct 14 23:14:08 UTC 2025
On Tue, 14 Oct 2025 22:58:47 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> Implement hybrid key exchange support for TLS 1.3 by adding three post-quantum hybrid named groups: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1MLKEM1024.
>> Please see [JEP 527](https://openjdk.org/jeps/527) for details about this change.
>
> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>
> Fix typo in NamedGroup test
src/java.base/share/classes/sun/security/ssl/ServerHello.java line 577:
> 575: // Both peers perform similar operations: generate a public key,
> 576: // send it, and compute a shared secret upon receiving the peer's
> 577: // public key.
Nit: We use both `public key` and `key share` in this comment when describing Traditional Key Agreement. I think we should use only `key share` (as in RFC 8446) when describing a traditional key exchange to avoid any confusion with KEM's public key.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2430718513
More information about the security-dev
mailing list