New JEP Draft for review: "Disable SHA-1 Certificates"
Sean Mullan
sean.mullan at oracle.com
Tue Apr 5 12:28:19 UTC 2016
We are seeking feedback on a new JEP Draft ("Disable SHA-1 Certificates)
that is initially targeted to JDK 9:
http://openjdk.java.net/jeps/8149555
The goal of the JEP is to improve the default security configuration of
the JDK by disabling X.509 certificate chains with SHA-1 based signatures.
Backports to earlier releases will be targeted at a later date after
more communication, discussion and testing.
Thanks,
Sean
More information about the security-dev
mailing list