JDK-8363967 : Update JDK Providers Documentation: description of SunX509
  • Type: Sub-task
  • Component: docs
  • Sub-Component: guides
  • Priority: P4
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2025-07-23
  • Updated: 2025-09-24
  • Resolved: 2025-09-24
The Version table provides details related to the release that this issue/RFE will be addressed.

JDK 26
26: Resolved
Description
NOTE: the work on this issue should be started after CSR JDK-8360289 is approved.

Update the description of the SunX509 KeyManagerFactory algorithm in the JDK Providers Guide: https://docs.oracle.com/en/java/javase/24/security/oracle-providers.html#GUID-7093246A-31A3-4304-AC5F-5FB6400405E2

The following text:
---
SunX509: A factory for X509ExtendedKeyManager instances that manage X.509 certificate-based key pairs for local side authentication, but with less strict checking of certificate usage/validity and chain verification. This KeyManagerFactory supports initialization using a Keystore object, but does not currently support initialization using the class javax.net.ssl.ManagerFactoryParameters.

Note: The SunX509 factory is for backwards compatibility with older releases, and should no longer be used.
---

Should be replaced with something like this:
---
SunX509: same as PKIX but with better performance at the expense of not supporting initialization using the class javax.net.ssl.ManagerFactoryParameters. This KeyManagerFactory supports initialization using a KeyStore object only. SunX509 caches its whole key store on initialization, thus improving performance. This means that subsequent modifications of the KeyStore have no effect on SunX509 KM, unlike PKIX.
The legacy behavior (do not check certificates) of SunX509 KeyManagerFactory can be restored by setting the `jdk.tls.SunX509KeyManager.certChecking` system property to `false`.
---
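
A way to observe the caching difference described in the proposed text, as an added example that is not part of the issue or of the JDK documentation. The class name, alias, password and DN are constructed placeholders, and the key store is a throwaway one generated with the JDK's own `keytool`.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;

public class KmfCacheDemo {
    // Constructed sample values (assumptions, not from the issue).
    static final String ALIAS = "demo";
    static final char[] PW = "changeit".toCharArray();

    // Both algorithms support initialization from a KeyStore object.
    static X509KeyManager keyManager(String algorithm, KeyStore ks) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);
        kmf.init(ks, PW);
        return (X509KeyManager) kmf.getKeyManagers()[0];
    }

    public static void main(String[] args) throws Exception {
        // Generate a temporary PKCS12 key store holding one self-signed RSA entry.
        Path p12 = Files.createTempDirectory("kmf-demo").resolve("demo.p12");
        String keytool = Path.of(System.getProperty("java.home"), "bin", "keytool").toString();
        int rc = new ProcessBuilder(keytool, "-genkeypair", "-alias", ALIAS,
                "-keyalg", "RSA", "-keysize", "2048", "-dname", "CN=demo",
                "-validity", "1", "-storetype", "PKCS12",
                "-keystore", p12.toString(), "-storepass", new String(PW))
                .inheritIO().start().waitFor();
        if (rc != 0) throw new IllegalStateException("keytool exited with " + rc);

        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(p12)) {
            ks.load(in, PW);
        }

        // Initialize both key managers from the same KeyStore object.
        X509KeyManager sunX509 = keyManager("SunX509", ks);
        X509KeyManager pkix = keyManager("PKIX", ks);

        // Modify the KeyStore after initialization. Per the text above, the
        // SunX509 manager works from its cached copy and PKIX does not.
        ks.deleteEntry(ALIAS);

        System.out.println("SunX509 aliases after delete: "
                + Arrays.toString(sunX509.getClientAliases("RSA", null)));
        System.out.println("PKIX aliases after delete:    "
                + Arrays.toString(pkix.getClientAliases("RSA", null)));
    }
}
```

Running the same class with `-Djdk.tls.SunX509KeyManager.certChecking=false` selects the legacy SunX509 behavior named in the proposed text. A deployment that rotates key store entries at runtime needs to re-create a SunX509 key manager to pick up the change.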
Comments
Hi [~rgallard]! The code change has been approved and integrated, so we can start with the doc update.
31-07-2025