[8u] TLSv1.3 RFR: 8245476: Disable TLSv1.3 protocol in the ClientHello message by default
Alexey Bakhtin
alexey at azul.com
Thu Jul 16 04:51:22 UTC 2020
Hello Martin,
>
> One question: why do we need to include TLS 1.3 when retrieving the list
> of client enabled ciphersuites to assign
> CustomizedTLSContext::clientDefaultCipherSuites field?
>
TLS1.3 cipher suites should be enabled, otherwise we can not switch to TLSv1.3 protocol with SSLSocket.setEnabledProtocols() or SSLSocket.setSSLParameters(). TLS1.3 cipher suites will be disabled and handshake fails because of no appropriate protocol + cipher suite.
Regards
Alexey
> Thanks,
> Martin.-
>
More information about the jdk8u-dev
mailing list