JEP draft: (D)TLS signature schemes

Owner: Xuelei Fan
Status: Closed / Withdrawn
Component: security-libs /
Discussion: security dash dev at openjdk dot java dot net
Created: 2022/01/22 06:00
Updated: 2022/01/27 22:01


Support customization of signature schemes for individual (D)TLS connections.



The implementation of (D)TLS signature schemes is not part of this JEP. This JEP focuses on defining new APIs so that an application can customize signature schemes for individual (D)TLS connections. It is not a goal to enhance the existing signature schemes in the JDK.


In a (D)TLS connection, the client and server may support different signature algorithms. The (D)TLS specifications (see RFC 8446 and RFC 5246) define the procedure for negotiating the signature algorithms that can be used in digital signatures during the negotiation of (D)TLS connections.

In JEP 332: Transport Layer Security (TLS) 1.3 and the follow-on enhancements, the JDK implemented the procedure and the essential signature schemes. JDK-8242141 then added two System Properties for configuring the default signature schemes: jdk.tls.client.SignatureSchemes for the TLS client side and jdk.tls.server.SignatureSchemes for the server side.

Rather than using the provider default signature schemes, applications may want to customize the signature schemes for individual connections, for fine control of the security properties. New APIs are needed to support this flexibility.


This feature defines the public APIs for specifying the signature schemes that can be used to establish (D)TLS connections. The signature schemes are conveyed between client and server during the (D)TLS handshake.

A (D)TLS application can use an extended SSLParameters class to get and set the list of signature scheme names that are supported on a given connection. The (D)TLS implementation also uses this class to retrieve the signature schemes declared by the application.

The proposed design follows an API methodology similar to the one used for JEP 114: TLS Server Name Indication (SNI) Extension, which was introduced in JDK 8.


Applications can use the jdk.tls.client.SignatureSchemes and jdk.tls.server.SignatureSchemes System Properties for the default signature schemes configuration. However, the configuration impacts all connections and applications running on the same JVM.
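
The contrast between the JVM-wide property and a per-connection setting, as an added example that is not part of this JEP draft. It assumes JDK 19 or later, where SSLParameters has getSignatureSchemes and setSignatureSchemes; the host names and the chosen scheme lists are constructed for illustration.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import java.util.Arrays;

public class PerConnectionSignatureSchemes {

    // Build a client-mode engine (one connection) and, if schemes are given,
    // restrict only that engine to them. Assumes JDK 19+ SSLParameters.
    static SSLEngine clientEngine(SSLContext ctx, String host, String... schemes) {
        SSLEngine engine = ctx.createSSLEngine(host, 443);
        engine.setUseClientMode(true);
        if (schemes.length > 0) {
            SSLParameters params = engine.getSSLParameters();
            params.setSignatureSchemes(schemes);   // scoped to this engine
            engine.setSSLParameters(params);
        }
        return engine;
    }

    static String schemesOf(SSLEngine engine) {
        // Arrays.toString tolerates null, which means "no explicit list".
        return Arrays.toString(engine.getSSLParameters().getSignatureSchemes());
    }

    public static void main(String[] args) throws Exception {
        // JVM-wide default: must be set before JSSE is first used, and it
        // applies to every client connection in this JVM.
        System.setProperty("jdk.tls.client.SignatureSchemes",
                "ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256,rsa_pkcs1_sha256");

        SSLContext ctx = SSLContext.getDefault();

        // Connection A keeps whatever the provider and the property allow.
        SSLEngine general = clientEngine(ctx, "legacy.example.test");

        // Connection B is narrowed to ECDSA and EdDSA only; connection A
        // and every other connection in the JVM are unaffected.
        SSLEngine strict = clientEngine(ctx, "payments.example.test",
                "ecdsa_secp256r1_sha256", "ed25519");

        System.out.println("general: " + schemesOf(general));
        System.out.println("strict:  " + schemesOf(strict));
    }
}
```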