JDK-8305977 : Incomplete JSSE docs for FFDHE
  • Type: Enhancement
  • Component: docs
  • Sub-Component: guides
  • Priority: P4
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2023-04-13
  • Updated: 2023-10-24
  • Resolved: 2023-10-24
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 21 JDK 22
21.0.2Resolved 22Resolved
Related Reports
Relates :  
JDK-8140436 - Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS
Relates :  
JDK-8302577 - Update JSSE Guide for JDK-8301700: Increase the default TLS Diffie-Hellman group size from 1024-bit to 2048-bit
Relates :  
JDK-8297228 - Out-of-date docs for jdk.tls.ephemeralKeySize property
Description
The JSSE guide does not explain in enough detail how FFDHE and the jsse.enableFFDHE system property affects DH key exchange when other properties are set such as the jdk.tls.ephemeralDHKeySize system property.

Proposal is to add the following paragraph as the 2nd paragraph of https://docs.oracle.com/en/java/javase/21/security/java-secure-socket-extension-jsse-reference-guide.html#GUID-D9B216E8-3EFC-4882-B76E-17A87D8F2F9D :

Unless the jdk.tls.ephemeralDHKeySize system property is set to "legacy",
the SunJSSE implementation will first try to negotiate a common DH group
using FFDHE, which is a TLS extension defined by RFC 7919. 
If a group can be negotiated, the size defined by that group
will be used.  Otherwise,the implementation will fallback to using a keysize
as described below. FFDHE is enabled by default, but
can be disabled by setting the system property jsse.enableDHE to "false".