Hi,For the current HttpsURLConnection, there is not much security parameters exposed in the public APIs. An application may need richer information for the underlying TLS connections, for example the negotiated TLS protocol version.
Please let me know if you have concerns to add a new method HttpsURLConnection.getSSLSession() and deprecate the duplicated methods, by the end of Nov. 2, 2018.
Here is the proposal:
https://bugs.openjdk.java.net/browse/JDK-8213161
Thanks,
Xuelei
