Start of changes for service refresh 6 fix pack 25

Enabling TLS 1.3

From service refresh 6, fix pack 25, the SDK includes an implementation of the Transport Layer Security (TLS) 1.3 specification (RFC 8446).

TLS 1.3 is disabled for the default SSLContext (the context obtained with the "SSL" or "TLS" algorithm name) at both the client endpoint and the server, so an unmodified application keeps negotiating TLS 1.2 or earlier. To enable the TLS 1.3 protocol on the server, use the jdk.tls.server.protocols system property.

Examples of how to enable the TLS 1.3 protocol at the client endpoint include the following:

  • Set the enabled protocols on an existing SSLSocket with the SSLSocket.setEnabledProtocols method (the protocols a socket can support are fixed by its SSLContext; this call selects which of them are offered in the handshake):
    sslSocket.setEnabledProtocols(new String[] { "TLSv1.3", "TLSv1.2" });
  • Create a TLS 1.3-based SSLContext:
    SSLContext ctx = SSLContext.getInstance("TLSv1.3");
  • Set the enabled protocols with the SSLParameters.setProtocols method, then apply the parameters to the socket or engine with setSSLParameters:
    sslParameters.setProtocols(new String[] { "TLSv1.3", "TLSv1.2" });
  • Set the enabled protocols for all client SSLSockets with the jdk.tls.client.protocols system property:
    java -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2" MyApplication
  • Set the enabled protocols for connections obtained through HttpsURLConnection or the URL.openStream method with the https.protocols system property:
    java -Dhttps.protocols="TLSv1.3,TLSv1.2" MyApplication
Listing TLSv1.2 after TLSv1.3 keeps a fallback for servers that do not yet offer TLS 1.3; omit it only where you want the connection to fail rather than downgrade.
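The client-side steps above, combined into one program as an added example (it is not code from the IBM documentation): it checks that the IBMJCEPlus provider is installed, builds a TLSv1.3 SSLContext, restricts the enabled protocols to TLSv1.3 and TLSv1.2 through SSLParameters, turns on hostname verification, and reports which protocol the server actually negotiated. The host and port are assumptions taken from the command line (example.com:443 is only a placeholder default).

```java
import java.security.Security;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class Tls13Client {

    public static void main(String[] args) throws Exception {
        // Assumed inputs: target host and port (placeholder defaults, not from the original page).
        String host = args.length > 0 ? args[0] : "example.com";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 443;

        // TLS 1.3 requires the IBMJCEPlus provider; fail early with a clear message instead of
        // a handshake failure later on.
        if (Security.getProvider("IBMJCEPlus") == null) {
            throw new IllegalStateException(
                "IBMJCEPlus provider is not installed; TLS 1.3 is unavailable in this runtime");
        }

        // A "TLSv1.3" context enables TLS 1.3; the default "TLS" context does not.
        SSLContext ctx = SSLContext.getInstance("TLSv1.3");
        ctx.init(null, null, null);   // default key and trust managers (cacerts)
        System.out.println("Protocols this context supports: "
            + Arrays.toString(ctx.getSupportedSSLParameters().getProtocols()));

        SSLSocketFactory factory = ctx.getSocketFactory();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            SSLParameters params = socket.getSSLParameters();
            // Offer TLS 1.3 first and keep TLS 1.2 as the fallback for servers without TLS 1.3.
            params.setProtocols(new String[] { "TLSv1.3", "TLSv1.2" });
            // Verify the server name against its certificate; SSLSocket does not do this by default.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);

            socket.startHandshake();
            SSLSession session = socket.getSession();
            System.out.println("Negotiated protocol: " + session.getProtocol());
            System.out.println("Cipher suite:        " + session.getCipherSuite());
            if (!"TLSv1.3".equals(session.getProtocol())) {
                System.out.println("Server did not accept TLS 1.3; the connection downgraded to "
                    + session.getProtocol());
            }
        }
    }
}
```

Run it as `java Tls13Client host port`. The same protocol selection can be applied without touching code by starting the application with -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2"; on the server side the equivalent property is jdk.tls.server.protocols.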
Notes:

TLS 1.3 requires the IBMJCEPlus provider.

TLS 1.3 is not directly compatible with previous versions. Although TLS 1.3 can be implemented with a backward-compatibility mode, there are still several compatibility risks to consider when upgrading to TLS 1.3:
  • TLS 1.3 uses a half-close policy, while TLS 1.2 and earlier use a duplex-close policy. For applications that depend on the duplex-close policy, there might be compatibility issues when upgrading to TLS 1.3.
  • The signature_algorithms_cert extension requires that pre-defined signature algorithms are used for certificate authentication. In practice, however, an application might use unsupported signature algorithms.
  • The DSA signature algorithm is not supported in TLS 1.3. If a server is configured to only use DSA certificates, it cannot negotiate a TLS 1.3 connection.
  • The cipher suites defined for TLS 1.3 are a separate set from those of TLS 1.2 and earlier, and the two sets do not overlap. If an application hard-codes only TLS 1.2 cipher suites, it cannot negotiate TLS 1.3 without changes to its code: compare SSL_AES_128_GCM_SHA256 (TLS 1.3) with SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA (TLS 1.2 and earlier). For a list of cipher suites, see Cipher suites.
  • The TLS 1.3 session resumption and key update behaviors are different from TLS 1.2 and earlier. The compatibility impact should be minimal, but it could be a risk if an application depends on the handshake details of the TLS protocols.
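A pre-flight check for three of the risks listed above (hard-coded TLS 1.2 cipher suites, a DSA-only server keystore, and code that assumes the duplex-close behaviour), as an added example that is not part of the IBM documentation. The hard-coded suite list is a constructed sample, the keystore path and password arguments are hypothetical, and the test for a TLS 1.3 suite name is a heuristic based on the naming pattern the page shows (TLS 1.3 names carry no key-exchange segment, so no "_WITH_").

```java
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

public class Tls13Preflight {

    // Constructed sample: a TLS 1.2 suite list the way an older application might hard-code it.
    static final String[] HARDCODED_SUITES = {
        "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA",
        "SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
    };

    // Heuristic: TLS 1.3 suites name only the AEAD and hash (SSL_AES_128_GCM_SHA256), so they
    // have no "_WITH_" key-exchange segment, unlike SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA.
    // Signalling values such as TLS_EMPTY_RENEGOTIATION_INFO_SCSV are not suites and are excluded.
    static boolean isTls13Suite(String name) {
        return !name.contains("_WITH_") && !name.contains("SCSV");
    }

    // TLS 1.3 suites this runtime supports; warns when a hard-coded list contains none of them.
    static List<String> usableTls13Suites(SSLContext ctx, String[] hardcoded) {
        List<String> supported = new ArrayList<>();
        for (String s : ctx.getSupportedSSLParameters().getCipherSuites()) {
            if (isTls13Suite(s)) supported.add(s);
        }
        boolean anyTls13 = false;
        for (String s : hardcoded) {
            if (isTls13Suite(s)) anyTls13 = true;
        }
        if (!anyTls13) {
            System.out.println("WARNING: hard-coded suite list has no TLS 1.3 suite, so TLS 1.3 "
                + "cannot be negotiated; add one of " + supported);
        }
        return supported;
    }

    // A server keystore whose key entries are all DSA cannot negotiate TLS 1.3.
    static boolean canServeTls13(KeyStore ks) throws Exception {
        Enumeration<String> aliases = ks.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!ks.isKeyEntry(alias) || ks.getCertificate(alias) == null) continue;
            String alg = ks.getCertificate(alias).getPublicKey().getAlgorithm();
            if (!"DSA".equals(alg)) return true;   // RSA or EC key: usable with TLS 1.3
            System.out.println("key entry '" + alias + "' is DSA and cannot be used with TLS 1.3");
        }
        return false;
    }

    // Half-close aware read: TLS 1.3 closes each direction independently, so never assume the
    // peer stops sending the moment you close. Read to EOF under a read timeout, then close.
    static String readToEof(SSLSocket socket, int timeoutMillis) throws Exception {
        socket.setSoTimeout(timeoutMillis);   // bound the wait for the peer's close_notify
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        byte[] chunk = new byte[4096];
        InputStream in = socket.getInputStream();
        int n;
        while ((n = in.read(chunk)) != -1) {
            buf.write(chunk, 0, n);
        }
        return new String(buf.toByteArray(), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLSv1.3");
        ctx.init(null, null, null);
        System.out.println("TLS 1.3 suites available: " + usableTls13Suites(ctx, HARDCODED_SUITES));

        // Hypothetical arguments: path and password of a PKCS12 server keystore to inspect.
        if (args.length == 2) {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
                ks.load(in, args[1].toCharArray());
            }
            System.out.println("Server keystore can serve TLS 1.3: " + canServeTls13(ks));
        }
    }
}
```

Run `java Tls13Preflight` to list the TLS 1.3 suites and check the constructed hard-coded list, or `java Tls13Preflight server.p12 password` to also inspect a server keystore. The readToEof helper shows the pattern that is safe under both close policies: treat the application-level end of data (here, EOF) as the signal to close, not the fact that you have already closed your own side; the read timeout guards against a peer that never sends close_notify.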
End of changes for service refresh 6 fix pack 25