[11u] RFR: 8202343: Disable TLS 1.0 and 1.1
Langer, Christoph
christoph.langer at sap.com
Thu Jan 14 11:00:24 UTC 2021
Hi Severin,
I've approved it. The other two fixes still need tagging (although they seem to be clean backports). I tested all 3 changes together.
Cheers
Christoph
> -----Original Message-----
> From: Severin Gehwolf <sgehwolf at redhat.com>
> Sent: Donnerstag, 14. Januar 2021 11:37
> To: Langer, Christoph <christoph.langer at sap.com>; jdk-updates-dev <jdk-
> updates-dev at openjdk.java.net>
> Subject: Re: [11u] RFR: 8202343: Disable TLS 1.0 and 1.1
>
> Hi,
>
> On Thu, 2021-01-14 at 10:04 +0000, Langer, Christoph wrote:
> > Hi Severin,
> >
> > your backport of this change looks good. Our nightly tests also show
> > no regressions.
> >
> > As for the TCK problems: Oracle informed us that one has to re-enable
> > the algorithms to pass the JCK test suite. No changes or excludes to
> > the current suite are planned. Re-enabling can be accomplished by
> > removing "TLSv1" and/or "TLSv1.1" from the
> > `jdk.tls.disabledAlgorithms` security property in the `java.security`
> > configuration file (e.g. by overriding settings).
> >
> > So I think this is good to go now.
>
> Thanks, Christoph!
>
> Tagged for approval now.
>
> Cheers,
> Severin
>
More information about the jdk-updates-dev
mailing list