Fix Version/s: 13
Compatibility Risk Description:There might be some projects that still use the internal internal package com.sun.net.ssl. But they have had plenty of advance warning to switch to javax.net.ssl.
Interface Kind:Java API, Other
Remove the internal package com.sun.net.ssl.
The package com.sun.net.ssl has been deprecated and the feature has been moved to the public package javax.net.ssl since JDK 1.4. The codes in the com.sun.net.ssl have not been updated for a while.
This internal package is not exported in the java.base module.
Clean up the code and remove the internal package com.sun.net.ssl.
Note that an application may still use the name "com.sun.net.ssl.internal.ssl.Provider" as the SunJSSE provider name. For compatibility, the name is still supported in the JDK. The actual implementation refers to the sun.security.ssl.SunJSSE class.
With this update, the SunJSSE provider can be specified with one of the following names:
1. SunJSSE 2. com.sun.net.ssl.internal.ssl.Provider
Both "SunJSSE" and "com.sun.net.ssl.internal.ssl.Provider" are existing names.
No public specification update. See Solution section.
Suggested Release Note
The internal package com.sun.net.ssl is removed from the SunJSSE provider. The legacy provider name, "com.sun.net.ssl.internal.ssl.Provider", is reserved for compatibility. However, "SunJSSE" should be used for new applications (for example, "SSLContext.getInstance("TLS", "SunJSSE")").