Implement TLS_FALLBACK_SCSV for OpenJDK 9

Florian Weimer fweimer at
Thu Oct 16 15:20:40 UTC 2014

I have implemented TLS_FALLBACK_SCSV for OpenJDK 9:


The justification is that there might be web browsers (with the broken 
fallback behavior) which directly connect to HTTPS servers implemented 
in Java.

Code review is here:


Can I get a bug ID?  Then I will include it in a follow-up patch, 
together with a test case.

The client-side part is mainly there to support testing the server-side 
part; it really should not be used.  I do not plan to include it in the 
backports because of the public API change.

I have not added a configuration knob to the server-side code because 
the risk of it going wrong is extremely low (basically, a client would 
have to use the 0x5600 cipher suite value for something else entirely).

There is still an ongoing discussion in the IETF TLS WG whether this is a 
good idea.  I think it is not, others disagree.  I wanted to post this 
CR nevertheless to avoid duplicating work.

Florian Weimer / Red Hat Product Security
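
Added example, not part of the original message and not the OpenJDK patch: a sketch of the server-side check the post describes, which scans the ClientHello cipher suite list for 0x5600 and refuses the handshake when the server supports a higher protocol version than the client offered. The class and helper names are hypothetical, the ClientHello bytes are constructed, and the alert code 86 (inappropriate_fallback) and the version comparison are taken from the TLS_FALLBACK_SCSV specification rather than from the post.

```java
import java.nio.ByteBuffer;

/** Added example: server-side TLS_FALLBACK_SCSV check on a ClientHello body. */
public class FallbackScsvCheck {
    static final int TLS_FALLBACK_SCSV = 0x5600;        // cipher suite value named in the post
    static final int ALERT_INAPPROPRIATE_FALLBACK = 86; // assumption: from the SCSV spec, not the post
    static final int TLS10 = 0x0301, TLS12 = 0x0303;

    /** Returns the fatal alert code to send, or -1 if the handshake may proceed. */
    static int check(byte[] clientHelloBody, int serverMaxVersion) {
        ByteBuffer in = ByteBuffer.wrap(clientHelloBody); // big-endian by default
        int clientVersion = in.getShort() & 0xFFFF;
        in.position(in.position() + 32);                  // skip random
        int sidLen = in.get() & 0xFF;
        in.position(in.position() + sidLen);              // skip session_id
        int suitesLen = in.getShort() & 0xFFFF;
        if ((suitesLen & 1) != 0 || suitesLen > in.remaining()) {
            throw new IllegalArgumentException("malformed cipher_suites vector");
        }
        boolean fallback = false;
        for (int i = 0; i < suitesLen; i += 2) {
            if ((in.getShort() & 0xFFFF) == TLS_FALLBACK_SCSV) fallback = true;
        }
        // The client signals a downgraded retry; refuse if a higher version was possible.
        if (fallback && clientVersion < serverMaxVersion) return ALERT_INAPPROPRIATE_FALLBACK;
        return -1;
    }

    /** Builds a constructed ClientHello body (zero random, empty session_id). */
    static byte[] hello(int version, int... suites) {
        ByteBuffer b = ByteBuffer.allocate(2 + 32 + 1 + 2 + 2 * suites.length + 2);
        b.putShort((short) version).put(new byte[32]).put((byte) 0);
        b.putShort((short) (2 * suites.length));
        for (int s : suites) b.putShort((short) s);
        b.put((byte) 1).put((byte) 0);                    // compression_methods: null only
        return b.array();
    }

    public static void main(String[] args) {
        int aes = 0x002F; // TLS_RSA_WITH_AES_128_CBC_SHA
        // First attempt at TLS 1.2, no SCSV.
        System.out.println(check(hello(TLS12, aes), TLS12));
        // Fallback retry at TLS 1.0 against a server that supports TLS 1.2.
        System.out.println(check(hello(TLS10, aes, TLS_FALLBACK_SCSV), TLS12));
        // Fallback retry, but TLS 1.0 is also the server's maximum.
        System.out.println(check(hello(TLS10, aes, TLS_FALLBACK_SCSV), TLS10));
        // Old client that never sends the SCSV.
        System.out.println(check(hello(TLS10, aes), TLS12));
    }
}
```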
