Release Note Review JDK-8028518: Increase the priorities of GCM cipher suites
Xuelei Fan
xuelei.fan at oracle.com
Mon Mar 20 17:53:27 UTC 2017
Thanks for the comments! The release note bug entry is updated accordingly.
> 9-ea/technotes/guides/security/SunProviders.html#SunJSSEProvider
The doc update is under review.
Xuelei
On 3/20/2017 10:44 AM, Brad R. Wetmore wrote:
> There's some minor English adjustments that could be made.
>
> In TLS protocols, cipher suite specifies the cryptography algorithms
> used in TLS connections. The priorities of cipher suites define the
> preference order that a cipher suite may be used in a TLS connection. In
> this update, GCM-based cipher suites are configured as the most
> preferable default cipher suites in the SunJSSE provider.
> ->
> In TLS, a ciphersuite defines a specific set of cryptography algorithms
> used in a TLS connection. JSSE maintains a prioritized list of
> ciphersuites. In this update, GCM-based cipher suites are configured as
> the most preferable default cipher suites in the SunJSSE provider.
>
> In the SunJSSE provider, the following cipher suites are move to the
> head of default enabled cipher suite list:
> ->
> In the SunJSSE provider, the following ciphersuites are now the most
> preferred by default:
>
> SunJSSE provider in JDK
> ->
> SunJSSE provider in the Oracle JRE
>
> There is no guarantee the cipher suites priorities to remain the same in
> future updates or releases.
> ->
> There is no guarantee the cipher suites priorities will remain the same
> in future updates or releases.
>
>
> Have you worked with docs to update the Oracle Providers list?
>
> 9-ea/technotes/guides/security/SunProviders.html#SunJSSEProvider
>
> It looks like the current docs (downloaded on Friday) is out of date.
>
> Brad
>
>
>
>
> On 3/20/2017 9:23 AM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the release note of JDK-8028518, "Increase the priorities
>> of GCM cipher suites".
>>
>> Release note: https://bugs.openjdk.java.net/browse/JDK-8177143
>> RFE: https://bugs.openjdk.java.net/browse/JDK-8028518
>>
>> Thanks,
>> Xuelei
More information about the security-dev
mailing list