Andrea Cosentino created CAMEL-23188:
----------------------------------------
Summary: Core: Auto-configure PQC TLS named groups when JVM
supports X25519MLKEM768
Key: CAMEL-23188
URL: https://issues.apache.org/jira/browse/CAMEL-23188
Project: Camel
Issue Type: Improvement
Reporter: Andrea Cosentino
Assignee: Andrea Cosentino
Fix For: 4.19.0
When the JVM provides the post-quantum hybrid key exchange group
{{X25519MLKEM768}} (expected in JDK 25+, but also available via providers like
BouncyCastle), Camel's {{SSLContextParameters}} does not automatically prefer
it. Users must manually configure {{namedGroups}} to enable post-quantum key
exchange, leaving them vulnerable to harvest-now-decrypt-later attacks by
default.
This change makes {{SSLContextParameters.createSSLContext()}} automatically
detect and prefer PQC named groups when available, with zero configuration
required from the user.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
