[jdk11u-dev] RFR: 8245545: Disable TLS_RSA cipher suites [v3]
David Sladký
duke at openjdk.org
Wed Nov 26 10:06:28 UTC 2025
> Backport of [JDK-8245545](https://bugs.openjdk.org/browse/JDK-8245545) - Disable TLS_RSA cipher suites
>
> Some TLS suites do not preserve forward-secrecy and are not commonly used - and should not be used.
>
> Not clean back port. This includes:
> - Selection of disabled tests and some include that is in jdk11 but not in jdk17.
> - Changed indentation of edited block of string defining disabled cipher suites.
> - Bunch of copyright notices.
>
> Tested on Fedora 43:
> - gtests passed
> - T1 have same fails before and after the back port -> not related to this.
> - jtreg:test/jdk/sun/security passed.
>
> Github Actions passed.
David Sladký has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
- Merge master
- backport b838ae0a7bbe34f345a4d56af21df4badce0caf2
- backport c90978b8ec00bc19f467e6002528496283186579
-------------
Changes:
- all: https://git.openjdk.org/jdk11u-dev/pull/3124/files
- new: https://git.openjdk.org/jdk11u-dev/pull/3124/files/c1389344..26a5bb72
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=3124&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=3124&range=01-02
Stats: 79 lines in 13 files changed: 54 ins; 3 del; 22 mod
Patch: https://git.openjdk.org/jdk11u-dev/pull/3124.diff
Fetch: git fetch https://git.openjdk.org/jdk11u-dev.git pull/3124/head:pull/3124
PR: https://git.openjdk.org/jdk11u-dev/pull/3124
More information about the jdk-updates-dev
mailing list