On Tue, 15 Nov 2022 17:41:19 GMT, Sean Mullan <mul...@openjdk.org> wrote:
> Please review this PR to add an implementation note to > the`SSLContext.getInstance` methods to document the behavior when a protocol > is disabled. > _Mailing list message from [Xuelei Fan](mailto:xuele...@gmail.com) on > [security-dev](mailto:security-...@mail.openjdk.org):_ > > > The wording in this PR specifically refers to the protocol version that > > was specified. It isn't covering other optional protocols that may be > supported. > > Sorry, I may not make it clear. The protocol specified in > SSLContext.getInstance is not TLS protocol version. I think the protocol > disabled in security properties refers to protocol version. Where in the javadoc APIs does it say that? I think the only assumption you can make is that the SSLContext that is returned supports the protocol version that was specified. Whether or not it supports other versions is completely implementation-specific AFAICT. ------------- PR: https://git.openjdk.org/jdk/pull/11172
