[11u] RFR: 8202343: Disable TLS 1.0 and 1.1
Langer, Christoph
christoph.langer at sap.com
Thu Jan 7 14:16:12 UTC 2021
Hi Severin,
Happy new year!
This is not a review yet, I just wanted to let you know that we started testing your backport, together with the two follow up items.
Results so far look quite promising as far as regressions are concerned. The only thing is that this change will break TCK as of now, so we just asked Oracle on whether there will be a TCK update for this. (I assume it must be...)
Will get back to you.
Best regards
Christoph
> -----Original Message-----
> From: jdk-updates-dev <jdk-updates-dev-retn at openjdk.java.net> On
> Behalf Of Severin Gehwolf
> Sent: Freitag, 18. Dezember 2020 19:35
> To: jdk-updates-dev <jdk-updates-dev at openjdk.java.net>
> Subject: [11u] RFR: 8202343: Disable TLS 1.0 and 1.1
>
> Hi,
>
> Please review this downport for disabling TLS 1.0 and 1.1 via the
> tls.disabledAlgorithms security property.
>
> The JDK 16 patch didn't apply cleanly. The differences are context
> changes mostly. The hunk to TlsContextTest.java has been omitted since
> that test has been introduced with JDK 12+ (via JDK-8239594, not in JDK
> 11). Once reviewed and approved my intention is to push this together
> with follow-ups JDK-8256682 and JDK-8257083.
>
> CSR for this is (reused from Oracle):
> https://bugs.openjdk.java.net/browse/JDK-8257122
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8202343
> webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-
> 8202343/01/webrev/
>
> Testing: jdk_security tests. No regressions noted.
>
> Thoughts?
>
> Thanks,
> Severin
More information about the jdk-updates-dev
mailing list