Please Review: required security algorithms for Java SE 7 implementations

Brad Wetmore bradford.wetmore at oracle.com
Fri Dec 17 04:07:08 UTC 2010


>>>> I think the TLSv1 cipher suite list is effectively much longer.
>>>> Correct?
>>>
>>> Yes, but only TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA is mandatory. See
>>> section 9 of RFC 2246: http://www.ietf.org/rfc/rfc2246.txt
>>
>> I think it's prudent to require TLS_RSA_WITH_AES_128_CBC_SHA as well
>> (which is mandatory per RFC 5246). And RFC 5746 support should be
>> required, too (which includes TLS_EMPTY_RENEGOTIATION_INFO_SCSV).
>
> TLS_RSA_WITH_AES_128_CBC_SHA is not listed because we did not specify
> that TLS 1.1 or TLS 1.2 should be requirements. TLS 1.1 and 1.2 are new
> features of JDK 7 and AFAIU are not as widely used as TLS 1.0 yet.

Which is why we didn't also include TLS_RSA_WITH_3DES_EDE_CBC_SHA from 
TLS 1.1.  When TLS 1.1/1.2 is added to the mandatory list, I expect 
we'll add these.

> Brad, can you comment on the RFC 5746 support? Do you think we should
> make the TLS_EMPTY_RENEGOTIATION_INFO_SCSV CipherSuite a requirement of
> all Java 7 TLS 1.0 implementations?

That's an excellent question.  The RFC has been out less than a year, 
but it does address a significant issue.  I'm inclined to say yes. 
Xuelei, do you have an opinion?

Brad



