Open
Description
SSL server configuration was added in #2494. As part of that effort, the jetty-alpn-java-server ALPN implementation was chosen as it is the easiest to use, and supported on all architectures.
grpc warns against using https://github.com/grpc/grpc-java/blob/master/SECURITY.md#tls-with-jetty-alpn, but these concerns are primarily rooted in legacy versions of OpenJDK 8. Java 9 improved the situation to acceptable levels (at least enough to saturate 1Gib): jetty/jetty.project#215 (comment)
That said, there may be high-throughput use-cases that would benefit from alternative ALPN implementations (jetty-alpn-conscrypt-server). We should benchmark, support, and document how to enable alternative ALPN implementations. Essentially, the server setup:
implementation 'org.eclipse.jetty:jetty-alpn-conscrypt-server'Security.insertProviderAt(Conscrypt.newProvider(), 1);