[7u12] request for approval, 7109274, Restrict the use of certificates with RSA keys less than 1024 bits
Alan Bateman
Alan.Bateman at oracle.com
Fri Dec 28 13:18:24 PST 2012
On 28/12/2012 09:41, Xuelei Fan wrote:
> Hi,
>
> This is a request to backport a JDK 8 fix into JDK 7u12:
> 7109274: Restrict the use of certificates with RSA keys less than
> 1024 bits
>
Do you have any data to know if RSA keys < 1024 bits are used much these
days? On the surface it seems risky to rush into jdk7u without any bake
time in jdk8 first. On the other hand folks do need to be encouraged to
upgrade from weak keys, it's just whether to disable it now or give some
advance notice that this change is coming (I realize Microsoft did the
same thing a few months ago).
-Alan
More information about the jdk7u-dev
mailing list