JDK-8220212 : Add new keytool -showinfo -tls command for displaying TLS configuration information
  • Type: CSR
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 13
  • Submitted: 2019-03-06
  • Updated: 2019-03-27
  • Resolved: 2019-03-27
Description
Summary
-------

Add a new `keytool -showinfo -tls` command to display TLS configuration information.


Problem
-------

TLS configuration information (including the enabled cipher suites, their order, the enabled protocols, etc.) is very useful to both users and administrators. It can vary depending on which JDK release or update is installed on the system and on whether the `java.security` file has been changed to restrict cipher suites or protocols. Previously we had documented the enabled suites and protocols in the JSSE security guide, but that has proven to be a moving target and difficult to keep up to date as additional weak cipher suites have been restricted, often in update releases. Thus, showing the information in keytool seems to be the best solution.

While keytool has historically been a tool for managing keys and certificates, we think it can also be a home for this new function because (1) TLS is closely tied to keys and certificates, and the users of TLS and of keytool are mostly the same people, and (2) it is the only security-related tool in java.base, and we think it is not worth creating a separate tool for this one function.

Solution
--------

Add a new keytool command `-showinfo` to display security-related information about the current JDK. An option selects what kind of information to print. The first such option is `-tls`, which displays the TLS configuration.

Specification
-------------

`keytool -help` will show a new command:

    -showinfo      Displays security-related information

and `keytool -help -showinfo` will show its available options:

    keytool -showinfo [OPTION]...

    Displays security-related information

    Options:

     -tls     Displays TLS configuration information
     -v       verbose output

The exact output format of `keytool -showinfo -tls` is not specified here and could evolve in future releases.
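The information that `-showinfo -tls` reports (the enabled protocols, the enabled cipher suites in preference order, and the `jdk.tls.disabledAlgorithms` restriction read from `java.security`) is also exposed through the JSSE API, which matters when the check has to run inside an application or a CI job rather than from the command line. The class below is an added example, not code from this CSR or from keytool itself: it queries the default `SSLContext` and flags legacy protocols that are still enabled. The class name `TlsConfigAudit`, the helper `legacyProtocolsStillEnabled` and the `LEGACY_PROTOCOLS` list are assumptions made for this example.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

/**
 * Added example (not part of the CSR): prints the same kind of TLS
 * configuration that "keytool -showinfo -tls" displays, using the JSSE API,
 * and reports legacy protocols that are still enabled.
 */
public class TlsConfigAudit {

    // Assumption for this example: protocol names a defender normally
    // expects to be disabled on a current JDK.
    static final List<String> LEGACY_PROTOCOLS = List.of("SSLv3", "TLSv1", "TLSv1.1");

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        // "default" parameters are what the JDK actually enables;
        // "supported" parameters are everything the provider could enable.
        SSLParameters enabled = ctx.getDefaultSSLParameters();
        SSLParameters supported = ctx.getSupportedSSLParameters();

        System.out.println("Enabled protocols:   " + Arrays.toString(enabled.getProtocols()));
        System.out.println("Supported protocols: " + Arrays.toString(supported.getProtocols()));
        System.out.println();

        System.out.println("Enabled cipher suites (in preference order):");
        for (String suite : enabled.getCipherSuites()) {
            System.out.println("  " + suite);
        }
        System.out.println();

        // This java.security property is what restricts suites and protocols
        // and is why the enabled lists differ between JDK releases and updates.
        System.out.println("jdk.tls.disabledAlgorithms = "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));
        System.out.println();

        List<String> flagged = legacyProtocolsStillEnabled(enabled.getProtocols());
        if (flagged.isEmpty()) {
            System.out.println("No legacy protocols are enabled.");
        } else {
            System.out.println("Legacy protocols still enabled: " + flagged);
        }
    }

    /**
     * Returns the subset of the given enabled protocol names that appear in
     * LEGACY_PROTOCOLS, preserving the order in which they were enabled.
     */
    static List<String> legacyProtocolsStillEnabled(String[] enabledProtocols) {
        List<String> result = new ArrayList<>();
        for (String protocol : enabledProtocols) {
            if (LEGACY_PROTOCOLS.contains(protocol)) {
                result.add(protocol);
            }
        }
        return result;
    }
}
```

Run it with `java TlsConfigAudit.java` on the JDK under review; because it reads the live `SSLContext`, the enabled lists reflect any edits already made to that JDK's `java.security` file, which is the same state `keytool -showinfo -tls` reports.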

Comments
Moving to Approved.
27-03-2019

Moving to Provisional.
26-03-2019