On Mon, 19 Sep 2022 15:46:46 GMT, Sean Coffey <coff...@openjdk.org> wrote:
> This new event is disabled by default just like the other crypto related > events that were added some time back (e.g. `TLSHandshakeEvent`). My > assumption is that these events will be enabled for audit mode when one is > interested in finding out what their crypto operations looks like. Periodic > events are good but for such operations I think it's critical that we capture > all such crypto calls to ensure that admins get a good picture of what's been > used/called. I remember we had this discussion a few years back and maybe we need both? Some events for audits and some that can be detected by the JMC rules engine in a normal recording? Perhaps it's time to introduce a parameterized setting, similar to what we have for GC and compiler, where user can specify levels. From JDK 17, they can be specified on command line, i.e. $ java -XX:StartFlightRecording:security=off/normal/debug/audit This would lower the bar and make the events useful to more people. We can do this in another JBS issue. ------------- PR: https://git.openjdk.org/jdk/pull/9657
