On 3/13/25 3:44 PM, Scott Lewis wrote:
But from the point of view of the OSGi framework implementation (for example), has there been any discussion to alternatives to leaving SSLContext.setDefault open to all code at all times? e.g. deprecation of public static setDefault, or changing the semantics of setDefault so that it could only be called successfully once (on startup). I understand that may not be feasible due to api conventions, but was wondering if this or other approaches (enhancing JCP) have been considered/discussed.
I am not familiar with OSGi so I don't understand the scenario you are describing. Can you provide more details?
--Sean
