[Bug 2250] JSSE server is still limited to 768-bit DHE
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Mon Mar 2 14:06:58 UTC 2015
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2250
--- Comment #3 from Andrew Haley <aph at redhat.com> ---
> I don't see any reason why we couldn't backport this, but change the default
> to legacy mode. Users would then have to explicitly turn on larger key sizes
> and the default setup would remain compatible with existing OpenJDK 7
> installations.
The problem is that "useLegacyEphemeralDHKeys" is a static property across the
whole JVM and it doesn't just change the limit of the key length but a default.
I can certainly think of cases where this would break an application server.
In any case we should not treat this as an IcedTea7-local change; it should be
synced with OpenJDK 7.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20150302/45a06de5/attachment.html>
More information about the distro-pkg-dev
mailing list