On Sat, 6 Nov 2021 08:54:33 GMT, Daniel Jeliński <d...@openjdk.java.net> wrote:
> Can we extend the public API of `SSLContext` with methods for managing > `activeProtocols`, `activeCipherSuites` and possibly `algorithmConstraints`? > Without this API change we would need to check every time if the active > protocols, ciphers and constraints match the cached ones. > Yes, it is one direction that we could consider to have more configuration in SSLContext, rather than configure individually in each socket. I think it may improve the performance a lot. > Also, looking at the flame graphs provided, it appears that about 50% of the > handshake time is spent in `SSLAlgorithmDecomposer#decompose`; given that > there are only 3 instances of that class (and could be further reduced to 2), > would it make sense to optimize the method by caching the results of > algorithm decomposition? If it is true, I think should optimize the decompose method, may be not limited to caching. ------------- PR: https://git.openjdk.java.net/jdk/pull/5793
