The revised API for the channel binding callback uses SSL sessions, but the standard TLS channel binding types according to the RFC are associated with the connection, not the session. It is likely that the proposed channel bindings JDK API will exist on SSLSocket/SSLEngine. Introduce an API that allows the callback handlers to acquire the connection information using a forward-compatible API.