[8u, 11u] Disabling TLS 1.0/1.1 in 8u292/11.0.11 ?
Langer, Christoph
christoph.langer at sap.com
Thu Nov 19 12:53:46 UTC 2020
Hi Volker,
speaking for 11u: I would think so. Unless somebody has really good reasons not to follow Oracle here.
After all, if somebody would have issues with that after April, there would always be the fallback to turn it back on via java.security. So I see the risk as quite acceptable.
Best regards
Christoph
> -----Original Message-----
> From: jdk-updates-dev <jdk-updates-dev-retn at openjdk.java.net> On
> Behalf Of Volker Simonis
> Sent: Donnerstag, 19. November 2020 11:10
> To: jdk8u-dev <jdk8u-dev at openjdk.java.net>; jdk-updates-dev <jdk-
> updates-dev at openjdk.java.net>
> Subject: [8u, 11u] Disabling TLS 1.0/1.1 in 8u292/11.0.11 ?
>
> Hi 8u/11u maintainers,
>
> Oracle has announced in their "Cryptographic Roadmap" [1] that they
> will disable TLS 1.0/1.1 in Oracle jdk 7,8,11 by 2021-04-20 and in jdk
> 16 by 2021-03-16. A change/csr for jdk 16 [2,3] is currently under
> review [4].
>
> Do you plan to do the same for 8u292 and 11.0.11 in April 2021?
>
> Thank you and best regards,
> Volker
>
> [1] https://java.com/en/jre-jdk-cryptoroadmap.html
> [2] https://bugs.openjdk.java.net/browse/JDK-8202343
> [3] https://bugs.openjdk.java.net/browse/JDK-8254713
> [4] https://github.com/openjdk/jdk/pull/1235
More information about the jdk-updates-dev
mailing list