One of the most important features of JCA is that it doesn't rely on any one particular encryption algorithm. Each well-known encryption algorithm has its advantages and disadvantages, and new ones are being developed all the time. The JCA allows new algorithms to be plugged in as they are developed. It uses the concept of the cryptographic service provider (CSP), which is something like a security plug-in. A CSP supplies the implementation of a particular algorithm. JDK 1.4 comes bundled with CSPs, including the SunJSSE, that provide many standard algorithms; altogether, these are sufficient for most uses.

JSSE provides secure socket communication for the Java 2 platform. More precisely, it implements Secure Socket Layer (SSL) and Transport Layer Security (TLS), two standardized protocols for implementing secure communications over the Internet. Both SSL and TLS rely on public-key cryptography, which is described in the next panel.