Code review request, 8028518, Increase the priorities of GCM cipher suites
Bradford Wetmore
bradford.wetmore at oracle.com
Fri Jan 3 22:41:50 UTC 2014
Looks ok to me, with the exception as you pointed out that this doesn't
follow section 4 of RFC 6460. Why was this done, and how did you
originally determine the original ciphersuite ordering for GCMs?
Brad
On 12/29/2013 7:56 PM, Xuelei Fan wrote:
> Hi,
>
> Please review this small update.
>
> webrev: http://cr.openjdk.java.net/~xuelei/8028518/webrev.00/
>
> In TLS protocols, cipher suite specifies the crypto algorithms used in
> TLS connections. The priorities of cipher suites define the preference
> order that a cipher suite may be used in a TLS connection.
>
> When introducing the AEAD/GCM cipher suites in SunJSSE provider (JEP
> 115)[1], for better compatibility and interoperability, we decided to
> decrease the priority of cipher suites in GCM mode for a while before
> GCM technologies mature in the industry.
>
> It's time to consider to increase the priorities of GCM mode cipher
> suite in early stage of JDK 9.
>
> Thanks,
> Xuelei
>
> [1] http://openjdk.java.net/jeps/115
More information about the security-dev
mailing list