disabledAlgorithms "DHE keySize < 1024" support?
Xuelei Fan
xuelei.fan at oracle.com
Sat May 23 00:30:26 UTC 2015
Please refer to the "Customizing Size of Ephemeral Diffie-Hellman Keys"
section of JSSE Reference Guide.
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html
Xuelei
On 5/23/2015 5:34 AM, Bernd Eckenfels wrote:
> Hello,
>
> does jdk.tls.disabledAlgorithms support to disable DHE based on the
> prime size (similiar to RSA keySize)? I have tried it, but I can only
> disable DHE completely, but I cannot get a Java TLS client to enforce
> higher standards (i.e. at least 768, better 1024) bit. I tried
> Oracle 8u40. Is there another way to do that?
>
> Gruss
> Bernd
>
More information about the security-dev
mailing list