RFR 8167459: Add debug output for indicating if a chosen ciphersuite was legacy.
Xuelei Fan
xuelei.fan at oracle.com
Tue Oct 11 01:32:43 UTC 2016
Nice update, and thanks!
Xuelei
On 10/11/2016 6:57 AM, Bradford Wetmore wrote:
>
> Hi Xuelei,
>
> We should provide more information about which ciphersuites were
> actually considered for a handshake and why they were ultimately
> chosen/not chosen, but for now we have been requested to add a debug
> message to indicate whether or not the selected ciphersuite was legacy.
>
> Examples:
>
> % java -Djavax.net.debug=all MyClass // or % java -Djavax.net.debug=ssl
> MyClass
> ...deleted...
> Standard ciphersuite chosen: TLS_RSA_WITH_AES_128_CBC_SHA
> ...deleted...
>
> or
>
> ...deleted...
> Legacy ciphersuite chosen: SSL_RSA_WITH_RC4_128_SHA
> ...deleted...
>
> The proposed simple change is:
>
> https://bugs.openjdk.java.net/browse/JDK-8167459
> http://cr.openjdk.java.net/~wetmore/8167459/webrev.00/
>
> Thanks,
>
> Brad
More information about the security-dev
mailing list