Code review request, 8028518, Increase the priorities of GCM cipher suites

Bradford Wetmore bradford.wetmore at oracle.com
Fri Jan 3 14:41:50 PST 2014


Looks ok to me, with the exception as you pointed out that this doesn't 
follow section 4 of RFC 6460.  Why was this done, and how did you 
originally determine the original ciphersuite ordering for GCMs?

Brad


On 12/29/2013 7:56 PM, Xuelei Fan wrote:
> Hi,
>
> Please review this small update.
>
> webrev: http://cr.openjdk.java.net/~xuelei/8028518/webrev.00/
>
> In TLS protocols, cipher suite specifies the crypto algorithms used in
> TLS connections.  The priorities of cipher suites define the preference
> order that a cipher suite may be used in a TLS connection.
>
> When introducing the AEAD/GCM cipher suites in SunJSSE provider (JEP
> 115)[1], for better compatibility and interoperability, we decided to
> decrease the priority of cipher suites in GCM mode for a while before
> GCM technologies mature in the industry.
>
> It's time to consider to increase the priorities of GCM mode cipher
> suite in early stage of JDK 9.
>
> Thanks,
> Xuelei
>
> [1] http://openjdk.java.net/jeps/115


More information about the security-dev mailing list