Latest JDK Release Adds Support for TLS 1.3 and HTTP/2

Oracle has released JDK 11, the latest update of the reference implementation of the Java SE Platform, and the first long-term support (LTS) update under the company's new six-month release schedule.

JDK 11 comes with several developer productivity enhancements, along with new support for modern cryptographic and Internet standards, including TLS 1.3 and HTTP/2.

The new accelerated release cadence, announced last year, calls for a feature release every six months, update releases every quarter, and an LTS release every three years (or once every six versions). The JDK 10 release in March was a feature release and the first in the new rapid release cadence. The next LTS release will be Java 17, which is scheduled for release in September 2021.

"Long-term support" means Oracle will provide security and bug-fixes for JDK 11 through the Java 17 update.

"The LTS model releases enable our customers to migrate from one well supported Java SE LTS release to the next at their own pace, while at the same time allowing the Java developer ecosystem to get access to improvements faster than before," said Georges Saab, vice president of software development in Oracle's Java Platform Group, in a prepared statement. "Together with the introduction of Oracle Java SE Subscription, customers now have an easy way to benefit from access to regular releases of tested and certified performance, stability, and security updates, directly from Oracle."

Oracle unveiled its Java SE Subscription service in June. The monthly subscription provides Java SE licensing and support for use on desktops, servers and cloud deployments It covers commercial features and tools and includes Oracle Premier Support for current and previous Java SE versions.

Since the release of Java SE 8, Oracle and the Java community have collaborated on more than 100 new enhancements that were added through JDK 9, 10 and 11. Oracle is throwing a spotlight on two in this update: support for HTTP/2 and TLS 1.3. HTTP/2 is a major revision of the HTTP network protocol. Oracle is providing the support via a new HTTP client API (JEP 110), currently an incubator module. The Transportation Layer Security (TLS) 1.3 protocol, which is the successor to SSL (Secure Sockets Layer), is also supported (JEP 332). TLS provides secure communication between Web browsers and servers.

"The new Java release cycle for Java SE means that important security protocols and other standards such as TLS 1.3 can be released and adopted rapidly," said Jim Manico, co-author of "Iron Clad Java" and founder of Manicode Security, in a statement, "giving application developers more tools to write secure software with the world's most popular language -- Java!"

The list of other features Oracle is highlighting in the JDK 11 release includes:

  • Nest-based access controls: eliminates the need for compilers to insert accessibility-broadening bridge methods.
  • Dynamic class-file constants: reduces the cost and disruption of creating new forms of materializable class-file constants and offers broader options for expressivity and performance.
  • ZGC: a completely passive GC implementation with a bounded allocation limit and the lowest latency overhead possible.
  • Flight Recorder: low overhead data collection framework for troubleshooting Java applications and the HotSpot JVM.

Additional information can be found at oracle.com.

About the Author

John K. Waters is the editor in chief of a number of Converge360.com sites, with a focus on high-end development, AI and future tech. He's been writing about cutting-edge technologies and culture of Silicon Valley for more than two decades, and he's written more than a dozen books. He also co-scripted the documentary film Silicon Valley: A 100 Year Renaissance, which aired on PBS.  He can be reached at [email protected].

Featured

  • illustration of a football stadium with helmet on the left and laptop with ed tech icons on the right

    The 2025 NFL Draft and Ed Tech Selection: A Strategic Parallel

    In the fast-evolving landscape of collegiate football, the NFL, and higher education, one might not immediately draw connections between the 2025 NFL Draft and the selection of proper educational technology for a college campus. However, upon closer examination, both processes share striking similarities: a rigorous assessment of needs, long-term strategic impact, talent or tool evaluation, financial considerations, and adaptability to a dynamic future.

  • AI microchip under cybersecurity attack, surrounded by symbols of threats like a skull, spider, lock, and warning shield

    Report: Agentic AI Protocol Is Vulnerable to Cyber Attacks

    A new report has identified significant security vulnerabilities in the Model Context Protocol (MCP), technology introduced by Anthropic in November 2024 to facilitate communication between AI agents and external tools.

  • digital dashboard featuring a shield icon, graphs, a world map, and network nodes

    IBM Introduces Agentic AI Governance and Security Platform

    IBM has launched a new software stack for enterprise IT teams tasked with managing the complex governance and security challenges posed by autonomous AI systems.

  • computer monitor with an envelope and padlock shield icon

    Email Security Transparency Dashboard Added to Office 365 Defender

    Microsoft has announced a new e-mail security dashboard in Microsoft Defender for Office 365, offering customers visibility into threat detection metrics and benchmarking data.