[11u] RFR: 8171279: Support X25519 and X448 in TLS
Andrew Haley
aph at redhat.com
Mon Nov 30 12:29:39 UTC 2020
On 11/30/20 11:30 AM, Lindenmaier, Goetz wrote:
>
> The FIPS feature is unsupported, and as I understand
> you can and shall select FIPS certified security by other means.
> So I'm not sure whether we should take this lightly.
I see.
Here's my thinking:
This is an LTS release. People who use it don't expect (and certainly don't
desire) their deployed applications to be broken by a minor update. Every
now and then we will break some applications, but only when there is some
critical bug that we must fix. We do not know what our customers use, so
the rule is "First, do no harm."
If we are going to break this now, we must reach a consensus position
either that there's no alternative or that FIPS mode cannot be suported.
--
Andrew Haley (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
https://keybase.io/andrewhaley
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671
More information about the jdk-updates-dev
mailing list