[11u] RFR: 8202343: Disable TLS 1.0 and 1.1
Severin Gehwolf
sgehwolf at redhat.com
Thu Jan 7 14:30:15 UTC 2021
Hi Christoph,
On Thu, 2021-01-07 at 14:16 +0000, Langer, Christoph wrote:
> Hi Severin,
>
> Happy new year!
Thanks. Happy new year to you too!
> This is not a review yet, I just wanted to let you know that we
> started testing your backport, together with the two follow up items.
>
> Results so far look quite promising as far as regressions are
> concerned. The only thing is that this change will break TCK as of
> now, so we just asked Oracle on whether there will be a TCK update
> for this. (I assume it must be...)
>
> Will get back to you.
OK, thank you!
Cheers,
Severin
> Best regards
> Christoph
>
> > -----Original Message-----
> > From: jdk-updates-dev <jdk-updates-dev-retn at openjdk.java.net> On
> > Behalf Of Severin Gehwolf
> > Sent: Freitag, 18. Dezember 2020 19:35
> > To: jdk-updates-dev <jdk-updates-dev at openjdk.java.net>
> > Subject: [11u] RFR: 8202343: Disable TLS 1.0 and 1.1
> >
> > Hi,
> >
> > Please review this downport for disabling TLS 1.0 and 1.1 via the
> > tls.disabledAlgorithms security property.
> >
> > The JDK 16 patch didn't apply cleanly. The differences are context
> > changes mostly. The hunk to TlsContextTest.java has been omitted
> > since
> > that test has been introduced with JDK 12+ (via JDK-8239594, not in
> > JDK
> > 11). Once reviewed and approved my intention is to push this
> > together
> > with follow-ups JDK-8256682 and JDK-8257083.
> >
> > CSR for this is (reused from Oracle):
> > https://bugs.openjdk.java.net/browse/JDK-8257122
> >
> > Bug: https://bugs.openjdk.java.net/browse/JDK-8202343
> > webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-
> > 8202343/01/webrev/
> >
> > Testing: jdk_security tests. No regressions noted.
> >
> > Thoughts?
> >
> > Thanks,
> > Severin
>
More information about the jdk-updates-dev
mailing list